Solved

fireware w/ firebox x750e cannot passthrough https for owa

Posted on 2008-10-21
8
594 Views
Last Modified: 2013-11-16
We recently purchased an upgrade from x500 to x750e and i cannot make the HTTPS service rule work.  No matter how I have configured the HTTPS proxy, HTTPS, or made a manual 443 rule to forward traffic to my exchange server for OWA it won't work.  Ive set it up to NAT from ANY to (external ip)--->internal IP of exchange as it is on our x500 but it won't forward the traffic getting a page cannot be displayed.  I get the error in the traffic monitor:
2008-10-21 16:05:01 Allow xx.xx.xx.xx xx.xx.xx.xx tcp 3521 443 0-External 1-Trusted Connect timeout   (HTTPS-proxy-00) HTTPS-Client rc="590" proxy_act="HTTPS-Client"       Traffic


What's going on here?

0
Comment
Question by:cambee72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
8 Comments
 

Author Comment

by:cambee72
ID: 22772175
nevermind.  Failed to look at the OWA page expecting nothing to be wrong.  Well, I can't browse it locally so I'll be looking at that 1st.  :/
0
 

Author Comment

by:cambee72
ID: 22772184
thats fixed.  still having the issue stated above.  
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 22855992
As you have fixed one of the problems internally; has the logs changed on firewall when you attempt the connection.

Please update.

Thank you.
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 

Author Comment

by:cambee72
ID: 22936431
I put upgrading the firewall aside to pick up on other ones.  I have rebuilt the new firewalls policies and will try it again hopefully this weekend.
0
 

Author Comment

by:cambee72
ID: 22936433
on other issues that is.
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 22936785
Please update if you need any assistance with firewall configuration.

Thank you.
0
 

Author Comment

by:cambee72
ID: 23205808
This is resolved now.  Forgot the question was open...sorry bout that.  

I was simply missing a route between the Trusted and External which I do not believe was necessary on the older firebox.

Thanks
0
 

Author Comment

by:cambee72
ID: 23205816
posted previous resolution for a different issue but this one is resolved
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question