Solved

Watchguard: files cut off at 1 Mb!?

Posted on 2013-11-27
13
291 Views
Last Modified: 2013-12-11
Hi,

Weird phenomenon here (and not actually sure it's because of the firewall):

Some people on the outside need to download an XML file of several megabytes from our web server but the file is always cut off at exactly 1 Mb ...

Where could such a problem come from, firewall-wise?

Thanks a lot!
0
Comment
Question by:Xeronimo
  • 8
  • 5
13 Comments
 
LVL 9

Expert Comment

by:stu29
ID: 39681894
Does this happen when you are not behind the firewall?
0
 

Author Comment

by:Xeronimo
ID: 39683018
If we try to download it internally via the internal IP address of the server then it works and the file is not truncated at 1 MB.

But if we try to download it internally via the INTERNET host name then it fails as well and the file is truncated at 1 MB.

So the firewall really seems to be the cause ... ?
0
 
LVL 9

Expert Comment

by:stu29
ID: 39690064
Sounds like it could be.  How are your connections getting through to your webserver?  Are you NAT-ing them through ext IP to Int IP?  Or does your server carry and Internal and External IP on separate NIC's?
0
 

Author Comment

by:Xeronimo
ID: 39690126
I'm using a NAT
0
 
LVL 9

Expert Comment

by:stu29
ID: 39692372
So it is not the server then as you connections are all hitting your internal IP.  So something in you firebox config is restricting the connections.

Connect from an External IP, and check your firewall logs for all connections from that IP address.  it will tell you what rules you are hitting and help you narrow it down.
0
 

Author Comment

by:Xeronimo
ID: 39698195
The problem is that I don't see any errors in the log regarding that IP ... it seems that the 1Mb limit is activated somewhere but I don't know where!?
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 9

Expert Comment

by:stu29
ID: 39698308
depending on the WG model ..

If it is a SOHO type Firewall you will have to access the debug logs (this is via the web gui .. cannot remember the exact switch .. think it may just be at the end of the logs page add /debug)

If it is a standard Firewall then using system manager you may have to enable logging of allowed connections also to catch it.
0
 

Author Comment

by:Xeronimo
ID: 39698323
I have enabled logging, it's a Watchguard XTM510.
0
 

Author Comment

by:Xeronimo
ID: 39698342
The problem also ONLY appears when we try to download an XML file that is generated by our web application using the external domain name ...

Random, multi-Mb XML files that we copy on that server for testing purposes get downloaded in their full size (even when downloaded via the external domain name)! Same for those generated files if we access the web app on its internal IP address.

I hope you get what I mean ...
0
 

Accepted Solution

by:
Xeronimo earned 0 total points
ID: 39700432
Hm, so I've created a new firewall policy just for this one server and I've used the default HTTP Proxy-Server settings and now it works ... I still don't know which option in the modified policy is cutting of generated XML files though!?
0
 
LVL 9

Assisted Solution

by:stu29
stu29 earned 500 total points
ID: 39700750
So you have narrowed it down .. this is good.  The only real way to track it down is to change the default policy settings one by one until you find it.  It is a pain I know .. but.

i currently don't have any WG equipment at this position so that level of detail i cannot help with (sorry).  I would start with the larger changes (adding weblocker policy etc) and then move on the Proxy rule itself.

Good luck
0
 

Author Comment

by:Xeronimo
ID: 39700761
Thanks, stu!
0
 

Author Closing Comment

by:Xeronimo
ID: 39710821
I accepted my own comment as part of the solution because it helped.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now