PIXOS 7.2(1) blocking web traffic?

plwalsh · ‎05-10-2007

Clients on our LAN access websites using web proxy servers. One website (that is accessible from other LANs) does not work either through the proxy or directly.

I can see conns (state table entries) between the clients and the site but no I flag to show inbound data:

TCP out 208.111.4.7:80 in 10.10.2.17:2747 idle 1:44:44 bytes 920 flags UfO

TCP out 208.111.4.7:80 in 10.10.1.194:43022 idle 1:15:06 bytes 1038 flags UfO

The firewall rules allow access to any website.

Has anyone had similar issues with their firewall? Can anyone advise me on how to check if the firewall is filtering return traffic from the website?

hoogen_82 · ‎05-10-2007

If your firewall is permiting you to setup connections to websites on port 80 your fine your firewall would not block return traffic.

Post your configuration. One suggestion upgrade to 7.2.2.

HTH

Hoogen

vitripat · ‎05-10-2007

The flags in the above connections is showing that a "FIN" has been sent by the host on inside.

f - inside FIN

Need to find why the inside client is sending a FIN for the connection. Configuration and syslogs will help.

Regards,

Vibhor.

plwalsh · ‎05-16-2007

Thaks for the replies. I am upgrading to 7.2(2). The inside clients FIN'd the connections as there was no INBOUND data received from the webserver. The website admin has informed me that they are having some DNS problems that may be the cause.