Hello all, newbie question here.
I realize that this is not a "pure" firewall question. As such, it may be perceived as OT; to the extent it is, I apologize in advance. However, I realize that corporate Internet security solutions involve a lot of moving parts and I believe my question goes to the manner in which different browsers interact with firewalls, particularly "solutions" that are positioned as proxy & firewall all-in-one. So, disclaimer aside, here it goes:
Background:
In my position, I frequently work with an internet image-enabled document repository application. The site enables users in different locations to have access to material that they need from wherever they are via a secure site. Users query the database in order to find images of documents that are responsive to the query. The application validates a user via a standard NT dialog box that appears in the browser window. Successful authentication establishes an SSL session that is maintained for the entire time a user is on the site (reason being these are sensitive documents that should not be transmitted as plain text).
Nature of the Problem:
Potential users of the site who use IE (various versions - 5.0x, 5.5x) to access the Internet from behind corporate proxy servers & firewalls frequently have trouble accessing the site. I'm sure the reasons vary; however, the symptoms are almost always the same. The NT dialog box appears. They enter their information. They click OK. The progress bar in IE starts moving to the right. Then, -- nothing. Or I should say, nothing appears to happen. Sometimes, if you leave the browser alone a successful logon occurs anywhere from 15-30 minutes later. If a user attempts to connect via Netscape Navigator, or even Opera, on the same machine w/o any configuration changes, the user gets in almost immediately. If a user takes the same machine and "by-passes" the proxy/firewall (e.g. dials up to an outside ISP), they get right in. I've seen this on Squid and ANS Interlock proxy/firewall solutions. I imagine I'll see it on others as well.
[Why not just use one of these other browsers, you may ask? Well, the site in question is actually optimized for IE. Users of other browsers would sacrifice some of the functionality that makes the site a nice collaboration tool.]
Questions:
1. Have you experienced folks out there ever seen anything like this, especially for users trying to get to secure sites?
2. Do proxy/firewall products have different configuration settings/policies (insert the proper word here) for different browsers?
3. Any suggestions or gentle prompting I could offer my proud, yet befuddled, IT group that is attempting to troubleshoot this problem? They claim they've already checked the logs for dropped/rejected packets and found nothing. For example, could this be the result of ACL settings using netd or ipfw commands?
Thanks!
Chris Brown
Legal Technology Services
Ernst & Young, LLP
202.327.7369
http://litigation.ey.com