[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Re: FW-1 at fwname: Access denied.
This box is running 3083 on 2.6 without websense. I was thinking it
might be load related - that would explain why sometimes pushing
rules fixes it and something not (in fact, it would explain why the
problem can fix itself), but yesterday we even did an fwstop and
fwstart and the problem seemed to persist. Do mean actual TCP
connections at the OS level? I hadn't thought of that and will check
today if the problem recurs - we tried init 6 last night and it
looks to be OK this morning.
Bill
payal rewri wrote:
>
> Bill
> I have seen this msg. when i have Websense 3.11 on Solaris 2.6, FW version
> 4 service pack 1. And in this case websense or in.httpd secure server was
> not able to keep up with the load, so it started rejecting connections
> for users trying to surf out on port 80. I have hunch this is in.httpd
> problem in FW 4, and know problem.
> regards
> payal
>
> Date: Wed, 14 Apr 1999 07:10:46 -0700
> From: Bill Husler <BHusler@PacBell.net>
> Subject: [FW1] What causes spurious "Access denied" message?
>
> Does anyone know the specifics on what causes the following message
> to appear in a blank netscape window?
>
> Error
>
> FW-1 at fwname: Access denied.
>
> The rule that should be in effect is:
>
> any@inside any http client authenticaiton long
>
> I see the authentication in the firewall log, but nothing related to
> the subsequent connection attempt. Not all sites are effected. Those
> sites that are affected were available earlier, but all of a sudden
> the access denied message starts appearing. We try pushing rules and
> sometimes it seems to help, but after a few hours, the same sites
> are unavailable again.
> Bill
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================