Hi
We have a open policy for all our internal users,
yet a couple of users cannot view their E-Trade
banking account information behind our firewall. What
happens is they login successfully on the 1st screen,
but the second login screen fails and it comes back to
first!. This account involves https traffic and is
different from the regular brokerage account (which
will work). They can access FINE when they dial up. On
E-trade's suggestion, they cleared cookies, history,
temporary internet files, even re-install IE. No luck.
So it is a Firewall issue. We are not running secure
http server. I have done these things (below) to the
Firewall on ISS advice. Still no luck. Can anyone
please advice or atleast try accessing their E-Trade
banking account behind FW?.
objects.C under props: section
:http_cvp_allow_chunked (true)
:http_weeding_allow_chunked (true)
:http_block_java_allow_chunked (true)
:http_allow_ranges (true)
:http_force_down_to_10 (true)
:http_avoid_keep_alive (true)
:http_max_header_length (4096)
:http_max_url_length (4096)
and in $FWDIR/conf/ahclientd, the following files were
modified
a) ahclientd1.html replacing with
<FORM METHOD="POST">
<!-- ACTION="%s" -->
b) ahclientd2.html (no change as I see didn't see
these lines)
c) ahclientd3.html (Pl. note there is no POST, only
GET so replacing with
<FORM METHOD="GET">
<!-- ACTION="%s" -->
d) ahclientd4.html replacing with
<FORM METHOD="POST">
<!-- ACTION="%s" -->
e) ahclientd5.html replacing with
<FORM METHOD="POST">
<!-- ACTION="%s" -->
f) ahclientd6.html replacing with
<FORM METHOD="POST">
<!-- ACTION="%s" -->
g) ahclientd7.html replacing with
<FORM METHOD="POST">
<!-- ACTION="%s" -->
The FW was stopped and re-started. Also a rulebase
was compiled.
In Internet Explorer 4.x click View> Internet options>
Advanced tab -> HTTP
1.1 Settings, unmark all check boxes
In Internet Explorer 5.x click Tools> Internet
options> Advanced tab -> HTTP
1.1 Settings, unmark all check boxes
Ragu
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
