Watchguard: files cut off at 1 Mb!?

Hi,

Weird phenomenon here (and not actually sure it's because of the firewall):

Some people on the outside need to download an XML file of several megabytes from our web server but the file is always cut off at exactly 1 Mb ...

Where could such a problem come from, firewall-wise?

Thanks a lot!
XeronimoAsked:
Who is Participating?
 
XeronimoConnect With a Mentor Author Commented:
Hm, so I've created a new firewall policy just for this one server and I've used the default HTTP Proxy-Server settings and now it works ... I still don't know which option in the modified policy is cutting of generated XML files though!?
0
 
stu29Commented:
Does this happen when you are not behind the firewall?
0
 
XeronimoAuthor Commented:
If we try to download it internally via the internal IP address of the server then it works and the file is not truncated at 1 MB.

But if we try to download it internally via the INTERNET host name then it fails as well and the file is truncated at 1 MB.

So the firewall really seems to be the cause ... ?
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
stu29Commented:
Sounds like it could be.  How are your connections getting through to your webserver?  Are you NAT-ing them through ext IP to Int IP?  Or does your server carry and Internal and External IP on separate NIC's?
0
 
XeronimoAuthor Commented:
I'm using a NAT
0
 
stu29Commented:
So it is not the server then as you connections are all hitting your internal IP.  So something in you firebox config is restricting the connections.

Connect from an External IP, and check your firewall logs for all connections from that IP address.  it will tell you what rules you are hitting and help you narrow it down.
0
 
XeronimoAuthor Commented:
The problem is that I don't see any errors in the log regarding that IP ... it seems that the 1Mb limit is activated somewhere but I don't know where!?
0
 
stu29Commented:
depending on the WG model ..

If it is a SOHO type Firewall you will have to access the debug logs (this is via the web gui .. cannot remember the exact switch .. think it may just be at the end of the logs page add /debug)

If it is a standard Firewall then using system manager you may have to enable logging of allowed connections also to catch it.
0
 
XeronimoAuthor Commented:
I have enabled logging, it's a Watchguard XTM510.
0
 
XeronimoAuthor Commented:
The problem also ONLY appears when we try to download an XML file that is generated by our web application using the external domain name ...

Random, multi-Mb XML files that we copy on that server for testing purposes get downloaded in their full size (even when downloaded via the external domain name)! Same for those generated files if we access the web app on its internal IP address.

I hope you get what I mean ...
0
 
stu29Connect With a Mentor Commented:
So you have narrowed it down .. this is good.  The only real way to track it down is to change the default policy settings one by one until you find it.  It is a pain I know .. but.

i currently don't have any WG equipment at this position so that level of detail i cannot help with (sorry).  I would start with the larger changes (adding weblocker policy etc) and then move on the Proxy rule itself.

Good luck
0
 
XeronimoAuthor Commented:
Thanks, stu!
0
 
XeronimoAuthor Commented:
I accepted my own comment as part of the solution because it helped.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.