RE: [FW1] NT Printing through Firewall-1

Mon, 09 Jul 2001 08:34:35 -0700 


A thought,


FW1 by default does not allow any ports between 1 - 1024 to be used *even*
if you have any defined as a rule. 

This is typically seen with ftp sessions that transfer a lot of files, they
end up using that range and the connection is dropped

It is possible that as part of the print process a similar thing is
occuring?????

see
http://www.phoneboy.com/faq/0106.html

another possibility is that a reverse connection is being initiated and
stopped.

I take it you are using LPr/LPd for this printing?

regards
Dean


-----Original Message-----
From: Alan Baker ( ISC Networks ) [mailto:[EMAIL PROTECTED]]
Sent: Saturday, 7 July 2001 2:41 AM
To: '[EMAIL PROTECTED]'
Subject: [FW1] NT Printing through Firewall-1




Hi

I'm trying to set up my site so that an external site can print to my
internal printer.

I have set up an NT 4 machine on the DMZ that happily prints to the internal
printer (on a JetDirect box) via an internal NT 4 printserver.

The firewall is configured to allow any protocol (at present) through to the
DMZ print server.

The external site can ping the DMZ print server, and telnet to it.  But when
trying to print to it, it seems like only 72 bytes are sent and then
everything stops.

The firewall log shows one entry for each attempt viz:

14:47:17 accept firewall   >qe2 proto tcp src RemoteServer dst DMZServer
(Valid Address) service 9100 s_port 1223 len 48 rule 41 xlatesrc
RemoteServer xlatedst DMZServer xlatesport 1223 xlatedport 9100.

Can anyone give me any pointers please?


Regards,
Alan Baker

ISC Networks
Tel:    (Int +44) (0)1223 877068
Email:  mailto:[EMAIL PROTECTED]


_____________________________________________________________________
This message has been checked for all known viruses by Star Internet 
delivered through the MessageLabs Virus Control Centre.


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====
***************************************************
This e-mail is  not an  official  statement of  the
Waikato  Regional  Council unless otherwise stated.
Visit our website http://www.ew.govt.nz
***************************************************


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to