fireware w/ firebox x750e cannot passthrough https for owa

Posted on 2008-10-21
Last Modified: 2013-11-16
We recently purchased an upgrade from x500 to x750e and i cannot make the HTTPS service rule work.  No matter how I have configured the HTTPS proxy, HTTPS, or made a manual 443 rule to forward traffic to my exchange server for OWA it won't work.  Ive set it up to NAT from ANY to (external ip)--->internal IP of exchange as it is on our x500 but it won't forward the traffic getting a page cannot be displayed.  I get the error in the traffic monitor:
2008-10-21 16:05:01 Allow xx.xx.xx.xx xx.xx.xx.xx tcp 3521 443 0-External 1-Trusted Connect timeout   (HTTPS-proxy-00) HTTPS-Client rc="590" proxy_act="HTTPS-Client"       Traffic

What's going on here?

Question by:cambee72
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2

Author Comment

ID: 22772175
nevermind.  Failed to look at the OWA page expecting nothing to be wrong.  Well, I can't browse it locally so I'll be looking at that 1st.  :/

Author Comment

ID: 22772184
thats fixed.  still having the issue stated above.  
LVL 32

Expert Comment

ID: 22855992
As you have fixed one of the problems internally; has the logs changed on firewall when you attempt the connection.

Please update.

Thank you.
Increase Agility with Enabled Toolchains

Connect your existing build, deployment, management, monitoring, and collaboration platforms. From Puppet to Chef, HipChat to Slack, ServiceNow to JIRA, Splunk to New Relic and beyond, hand off data between systems to engage the right people.

Connect with xMatters.


Author Comment

ID: 22936431
I put upgrading the firewall aside to pick up on other ones.  I have rebuilt the new firewalls policies and will try it again hopefully this weekend.

Author Comment

ID: 22936433
on other issues that is.
LVL 32

Accepted Solution

dpk_wal earned 500 total points
ID: 22936785
Please update if you need any assistance with firewall configuration.

Thank you.

Author Comment

ID: 23205808
This is resolved now.  Forgot the question was open...sorry bout that.  

I was simply missing a route between the Trusted and External which I do not believe was necessary on the older firebox.


Author Comment

ID: 23205816
posted previous resolution for a different issue but this one is resolved

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question