FWM-1 (ver 3.1) wrong server's info sent back

Unanswered Question
Sep 8th, 2009
User Badges:

We have 6500 with “WS-SVC-FWM-1 6 ports Firewall Module Rev. 3.0” (FWSM Firewall Version 3.1(13)

Device Manager Version 5.0(3)F) . There is a problem regarding accessing server behind this firewall. The scenario likes this: user(client) is using URL (https) to access server, firewall will go through SSL for authentication with client, finally, client machine has this server's certificate. Our engineer has configured FWSM not issue “user accept” prompt if the authentication success. But we found that FWSM will send certain info back with server's ip address instead of URL, this causes client browser (IE 7) pup up a window to indicate that “there is a problem with this website's security certificate”. User has to click “Continue to this website” to connect to server. Is this a known issue? Any help would be greatly appreciated.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Tue, 09/08/2009 - 09:54
User Badges:
  • Gold, 750 points or more

This indicates that the client browser does not trust this certificate.

I am not sure if IE7 is the same, but you can try something similar as below to install this cert:

When you get that pop up window, click "view certificate" button to see what cert it is and then you can install it in "Trusted Root Certification Authorities" folder. Next time, you won't see this.

Gongyuan Yao Tue, 09/08/2009 - 12:33
User Badges:

Hi,

Thank you so much for your response. The issue is that as FWSM, it should return server's URL instead of server's IP address. In other browser, you might see "transition display window" (blank). Someone told me there was a bug id for this one, I just can not find it. Do you know whether this is a known issue in FWSM sw rel?

Again, Thank you so much for your time and help.

gy

Actions

This Discussion