I have a problem wherein an HTTPS website hosted inside one of the DMZ segments is not working from the web.
I did some captures but they don't lead me anywhere.
Internet--Router--Level1Firewall--Level2Firewall(module on 6509)--Router(leaseline link)--Router(LL link)--Core Switch--Firewall3
The server is on the DMZ leg of Firewall3. Rules are in place to ensure traffic is allowed on the Level1/Level 2 firewalls and Firewall 3.
NAT is being used on the Level 1 firewall. I can see the traffic request on the Level 2 firewall towards the server, but none on Firewall 3. Ping connectivity from the Level1 firewall to this server and back is good.
NAT bypass rules and static translation have been put on Firewall3.
The request will get in to Firewall 3 by an interface called local, and then it should go to the DMZ zone to fetch the page.
I tried getting a capture on the level 3 firewall by placing an ACL on the local interface as well as the DMZ interface. I can see the request towards the server, but only with SYN set.
Nothing else is seen on Firewall 3 or on the Level2 firewall. Which interface should the capture be applied to, and how, for best results?