Thanks Gus, none of that helped, I even defaulted the pass through filters. I can see a "Close outbound, NAT" in my logs, but no errors related to that. I get one each time I attempt to connect. I cleaned up the public Ips to protect the innocent, but the log statement is here:
Oct 18 09:14:02 pri=5 msg="Close outbound, NAT" proto=443/tcp src=10.2.210.1 srcport=2909 nat=XX.XX.XX.XX natport=2909 dst=XX.XX.XX.XX dstport=443 rule=3 duration=48 sent=253 rcvd=164 pkts_sent=5 pkts_rcvd=4 Anyone else have any thoughts? Bob -----Original Message----- From: Gus Zader [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 18, 2005 8:54 AM To: Reasoner, Bob (PHES) Subject: RE: [gb-users] OWA anomaly The problem still seems to be around there though. Only because you say you get a cert warning from one connection, but you never get that far with the other one. Are your pass through / NAT setups correct? One of my rules is: # Pass through from Protected to PSN Accept notice "PROTECTED" ALL coalesce(all) trafficShaping <DEFAULT> weight 5 from ANY_IP to ANY_IP In the pass through section. It helped prevent some issues where we couldn't maintain consistent. Let the list know what ends up helping. Gus -----Original Message----- From: Reasoner, Bob (PHES) [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 18, 2005 8:15 AM To: Gus Zader Subject: RE: [gb-users] OWA anomaly No. We hit SSL all over. As I indicated I defaulted the outbound filters to ensure that it wasn't related to filter issues. Bob -----Original Message----- From: Gus Zader [mailto:[EMAIL PROTECTED] Sent: Monday, October 17, 2005 3:23 PM To: Reasoner, Bob (PHES) Subject: RE: [gb-users] OWA anomaly Any chance you are blocking the SSL port? -----Original Message----- From: Reasoner, Bob (PHES) [mailto:[EMAIL PROTECTED] Sent: Monday, October 17, 2005 12:47 PM To: [email protected] Subject: [gb-users] OWA anomaly I'm looking for a little help here that maybe someone else has run into. Since upgrading to GBWare 3.70 we are having trouble getting to an external Outlook Web Access (Exchange 5.5) server. The odd part is that I can get to it from my DMZ, but not from my protected network. IE 6 just gives a "The page cannot be displayed" error. Firefox says "The remote server disconnected unexpectedly". I have reset the outbound filters to default to verify it wasn't an incorrectly formulated filter, but that didn't make a difference. Obviously, there are physical differences between the Protected network and the DMZ network (different switches and subnets), but nothing that I can identify that would make this occur. I have tried this with and without a proxy server on the protected network and either way I get the same response. I don't know that it is directly related to the GBWare 3.7 upgrade, but that is the time frame that this started (based on user reports). This particular OWA server is a Military site that some of our Reservists have to access to verify schedules etc. and that site is using a private SSL certificate. In the DMZ you get the warning about not having Installed the certificate then it loads fine, but in the private you never get the certificate warning. Anyone out there have any suggestions? ________________________________ Bob Reasoner Harris County Public Health & Environmental Services ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
