Hi all,
I�ve a Wildcard URI resource created by default, this is that i checked in the "general tab": - Enforce URI Capabilities - Connection Methods: Transparent, Proxy - URI Match: Wild Cards In "match" tab: - Schemes: http - Methods: GET, POST, HEAD, PUT And i placed this in a rule base: source: local_net, destination: any, service: http-->uri_resource, track: log But the problems is when i try navigating to any URL, the error is: "The page cannot be displayed" a tipical IE error, the problem seens to be that the "Security Server" has not star up... any ideas??? Best Regards /matt -----Mensaje original----- De: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] nombre de Jean-Pierre FORCIOLI Enviado el: lunes, 10 de noviembre de 2003 6:16 Para: [EMAIL PROTECTED] Asunto: [FW-1] Cluster is hiding outbound traffic... Hi, We're using two SPLAT NG FP3 HFA316 with Cluster XL Load Sharing enabled. We're using RADIUS authentication (USER AUTH) for HTTP traffic. User Authentication doesn't work all the times. When it doesn't work we notice the following with network captures : 1. The user provide the cluster a login/password, 2. One node from the cluster contacts the Radius Server... But the IP source of the packet is the one of the cluster (!) and not the real IP address of the node (of course we have to add this IP address in the authorized clients section of the RADIUS configuration file). 3. Radius server ansers to the IP of the cluster. 4. Load Balancing occurs because of the IP destination of this packet : the cluster IP... 5. And unfortunately, the second node get the packet for which it doesn't have any information... Do you know how to prevent Check Point hiding behind the cluster IP firewall originated packets ? Regards. -- [EMAIL PROTECTED] Cyber Networks France http://www.freebsd.org http://www.cyber-networks.fr PGP Key fingerprint = 9AEA 910F CB46 C39B 89EE EF4C 68AC 2AF1 CF17 3713 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCF173713 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
