may be you have enabled SSL VPN? it uses the same 443... On Tue, Oct 4, 2011 at 9:43 AM, <[email protected]> wrote: > Hi, > > there is some service which is reaping the port 443 from httpd: > Oct 1 00:45:00 fwxx <daemon.[LOG_NOTICE]> pm[250]: Reaped: httpd[2213] > Oct 1 00:45:00 fwxx <daemon.[LOG_NOTICE]> pm[250]: Scheduled httpd for +1 > secs > Oct 1 00:45:01 fwxx <daemon.[LOG_NOTICE]> pm[250]: Restarted > /bin/httpd[3866], count=2 > > After moving the ssl port of the voyager to f.e. 4433 I´m able again to > connect to voyager again. > > Best regards > Frank Sackewitz > > > > From: Alexey Baltacov <[email protected]> > To: [email protected] > Date: 02.10.2011 09:22 > Subject: Re: [FW-1] Odd http requests after upgrade to R75.20 > Sent by: Mailing list for discussion of Firewall-1 > <[email protected]> > > > > Hi, > I got the pretty similar problem with several WEB servers. > The server was configured as "WEB Server" and "protected by = ANY" > Once the server wasn't protected by same gateway I have upgraded > (several gateways managed by same Smart Center) - I changed the > "protected by" to same gateway really protects it and now all working. > In case it will not solve you problem - try to configure type of web > server you are using or uncheck the "web server" checkbox until > Checkpoint will solve it. > Alexey > > On Fri, Sep 30, 2011 at 2:03 AM, Eamonn Twohig <[email protected]> wrote: >> Hi all, >> >> We've a bit of an oddity here after upgrading our firewalls to R75.20 > from R65 HFA70. Management Server was done about 10 days ago whilst > gateways were done in the last two days. >> >> Since the upgrade of one of the gateways yesterday, everything seemed to > be working as previous until we discovered that no-one could access our > website anymore. A quick investigation, using tcpdump and fw monitor, > revealed that the firewall was dropping all https requests when hitting > the external IP of the web server. Which is the weird thing, because > no-one is sending https requests, only http. It seems that the firewall is > somehow converting http requests to https and then obviously dropping them > as our rulebase will only allow http. There are no problems accepting and > forwarding smtp traffic; there are no problems for anyone doing udp > lookups against our dns server; no problems for anyone hitting our ftp > server. Only the web server is causing us grief. >> >> We've opened a support case with Check Point but so far, they are > stumped. This mailing list has some experienced people as members though, > so thought I'd ask ye too. Has anyone seen something like this before? >> >> If all resources on the DMZ were inaccessible then that would make more > sense, or at least make it easier to troubleshoot, but this specific issue > with inbound http requests getting dropped as https is a little odd. >> >> Thanks, >> Eamonn >> >> -------------------------- >> Sent from my BlackBerry Device >> >> >> >> Confidentiality Notice: This electronic message contains information > that is privileged or confidential, is the property of QC Data, and is > intended only for the use of the intended recipient. If you are not the > intended recipient, you are hereby notified that disclosure, copying, > distribution or use of this information is prohibited. If you have > received this message in error, please delete the original message and any > copy of it in your possession and notify us by telephone or email > immediately. >> >> QC Data (Ireland) Limited >> >> Registered in Ireland, Number: 158091 >> VAT Registration No.: IE 6556091K >> >> Registered office: 70 Sir John Rogerson s Quay, Dublin 2, Republic of > Ireland. >> >> >> Scanned by Check Point Total Security Gateway. >> >> ================================================= >> To set vacation, Out-Of-Office, or away messages, >> send an email to [email protected] >> in the BODY of the email add: >> set fw-1-mailinglist nomail >> ================================================= >> To unsubscribe from this mailing list, >> please see the instructions at >> http://www.checkpoint.com/services/mailing.html >> ================================================= >> If you have any questions on how to change your >> subscription options, email >> [email protected] >> ================================================= >> > > > > -- > Sincerely, > > Alexey Baltacov > [email protected] | Tel: +972-504989954 > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > > > > > > > > > > Besuchen Sie HASCO auf der FAKUMA 2011 in Friedrichshafen vom 18. - 22. > Oktober 2011 , Halle A2 / Stand 2202. > > > Abonnieren Sie jetzt unseren Newsletter und bleiben Sie stets up-to-date! > > HASCO Hasenclever GmbH + Co KG | Sitz: Lüdenscheid | Geschäftsführung | > Mag. Christoph Ehrlich | HRA 3072 AG Iserlohn | PhG: Hasenclever GmbH | > HRB 4493 AG Iserlohn | Ust-IdNr. DE 125796912 | Zertifiziert nach DIN EN > ISO 9001 | -DE- > > Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte > Informationen. Wenn Sie nicht der richtige Adressat sind, oder diese > E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den > Absender und vernichten diese Mail. Das unerlaubte Kopieren oder die > unbefugte Weitergabe dieser Mail ist nicht gestattet. > > This e-mail may contain confidential and/or privileged information. If you > are not the intended recipient (or have received this e-mail in error) > please notify the sender immediately and destroy this e-mail. Any > unauthorized copying, disclosure or distribution of the material in this > e-mail is strictly forbidden. > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > Scanned by Check Point Total Security Gateway. >
-- Sincerely, Alexey Baltacov [email protected] | Tel: +972-504989954 Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
