[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] "proxy_logical_port failed" when using HTTP Security Server

To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] "proxy_logical_port failed" when using HTTP Security Server
From: Cecilia P. <alma_cecilia1@yahoo.com>
Date: Wed, 6 Oct 1999 14:59:59 -0700 (PDT)



Hi FW-1's gurus?

I really appreciate your help with this problem
because 
I've been looking in all related sites and newsgroups
about Firewall-1 but until now I haven´t see nothing
about this message.

Thanks in advance for your help and sorry for my poor
english.

What I need to do?

I need to restrict my internal users the access to
Internet pates through the authentication system
provided in the HTTP Security Server.

What I configure?

I run fwconfig to install the HTTP Security Server
I don´t need be compatible with previous versions.
I stop and restart the FW-1 proccess

This step modify the file
/opt/SUNWfw/conf/fwauthd.conf

80    bin/in.ahttpd   wait 0

I put this line in the file /etc/inetd.conf

ahttpd  stream  tcp     nowait  root   
/opt/SUNWconn/bin/in.ahttpd 80    in.ahttpd

I gave a kill -HUP to the inetd process

I created a new user:
Allowed sources: any
Allowed destinations: any
Authentication scheme: FW-1 password

I created a new group and put my user in that group
I put the next rule
My_group@any --- any
----authenticated---UserAuth---longLlog---fw

In my client browser I define the fw as the proxy in
port 80

First the FW just refuse connection so I add a new
rule

any---fw----http----pass

When the browser tries to acces a page, the in.ahttpd
daemons starts and listen in the port 80 and with the
ps -fea you can see 2 process more.

But in the client the next message is show:

ahttpd: this_attpd_port_num missing

In the log (file /var/opt/SUNWfw/log/ahttpd.log) you
can see:

init_proxyid: proxy_logical_port failed

I don´t understand which port is failing, in FW-1 log,
snoop and netstat -a I can see how my PC and the FW
are communicating throug port 80. So I don´t
understand what the message means...



alma_cecilia1@yahoo.com



Environment
Solaris 2.5.1
Firewall 3.0b

Workaround

=====

__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Nokia vendors
Next by Date: [FW1] ICQ time-out problems....
Prev by thread: [FW1] Nokia Vendors
Next by thread: [FW1] ICQ time-out problems....
Index(es):
- Date
- Thread