Hi, I got the pretty similar problem with several WEB servers. The server was configured as "WEB Server" and "protected by = ANY" Once the server wasn't protected by same gateway I have upgraded (several gateways managed by same Smart Center) - I changed the "protected by" to same gateway really protects it and now all working. In case it will not solve you problem - try to configure type of web server you are using or uncheck the "web server" checkbox until Checkpoint will solve it. Alexey
On Fri, Sep 30, 2011 at 2:03 AM, Eamonn Twohig <[email protected]> wrote: > Hi all, > > We've a bit of an oddity here after upgrading our firewalls to R75.20 from > R65 HFA70. Management Server was done about 10 days ago whilst gateways were > done in the last two days. > > Since the upgrade of one of the gateways yesterday, everything seemed to be > working as previous until we discovered that no-one could access our website > anymore. A quick investigation, using tcpdump and fw monitor, revealed that > the firewall was dropping all https requests when hitting the external IP of > the web server. Which is the weird thing, because no-one is sending https > requests, only http. It seems that the firewall is somehow converting http > requests to https and then obviously dropping them as our rulebase will only > allow http. There are no problems accepting and forwarding smtp traffic; > there are no problems for anyone doing udp lookups against our dns server; no > problems for anyone hitting our ftp server. Only the web server is causing us > grief. > > We've opened a support case with Check Point but so far, they are stumped. > This mailing list has some experienced people as members though, so thought > I'd ask ye too. Has anyone seen something like this before? > > If all resources on the DMZ were inaccessible then that would make more > sense, or at least make it easier to troubleshoot, but this specific issue > with inbound http requests getting dropped as https is a little odd. > > Thanks, > Eamonn > > -------------------------- > Sent from my BlackBerry Device > > > > Confidentiality Notice: This electronic message contains information that is > privileged or confidential, is the property of QC Data, and is intended only > for the use of the intended recipient. If you are not the intended recipient, > you are hereby notified that disclosure, copying, distribution or use of this > information is prohibited. If you have received this message in error, please > delete the original message and any copy of it in your possession and notify > us by telephone or email immediately. > > QC Data (Ireland) Limited > > Registered in Ireland, Number: 158091 > VAT Registration No.: IE 6556091K > > Registered office: 70 Sir John Rogerson s Quay, Dublin 2, Republic of Ireland. > > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > -- Sincerely, Alexey Baltacov [email protected] | Tel: +972-504989954 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
