Solved

Watchguard: files cut off at 1 Mb!?

Posted on 2013-11-27
13
292 Views
Last Modified: 2013-12-11
Hi,

Weird phenomenon here (and not actually sure it's because of the firewall):

Some people on the outside need to download an XML file of several megabytes from our web server but the file is always cut off at exactly 1 Mb ...

Where could such a problem come from, firewall-wise?

Thanks a lot!
0
Comment
Question by:Xeronimo
  • 8
  • 5
13 Comments
 
LVL 9

Expert Comment

by:stu29
ID: 39681894
Does this happen when you are not behind the firewall?
0
 

Author Comment

by:Xeronimo
ID: 39683018
If we try to download it internally via the internal IP address of the server then it works and the file is not truncated at 1 MB.

But if we try to download it internally via the INTERNET host name then it fails as well and the file is truncated at 1 MB.

So the firewall really seems to be the cause ... ?
0
 
LVL 9

Expert Comment

by:stu29
ID: 39690064
Sounds like it could be.  How are your connections getting through to your webserver?  Are you NAT-ing them through ext IP to Int IP?  Or does your server carry and Internal and External IP on separate NIC's?
0
 

Author Comment

by:Xeronimo
ID: 39690126
I'm using a NAT
0
 
LVL 9

Expert Comment

by:stu29
ID: 39692372
So it is not the server then as you connections are all hitting your internal IP.  So something in you firebox config is restricting the connections.

Connect from an External IP, and check your firewall logs for all connections from that IP address.  it will tell you what rules you are hitting and help you narrow it down.
0
 

Author Comment

by:Xeronimo
ID: 39698195
The problem is that I don't see any errors in the log regarding that IP ... it seems that the 1Mb limit is activated somewhere but I don't know where!?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 9

Expert Comment

by:stu29
ID: 39698308
depending on the WG model ..

If it is a SOHO type Firewall you will have to access the debug logs (this is via the web gui .. cannot remember the exact switch .. think it may just be at the end of the logs page add /debug)

If it is a standard Firewall then using system manager you may have to enable logging of allowed connections also to catch it.
0
 

Author Comment

by:Xeronimo
ID: 39698323
I have enabled logging, it's a Watchguard XTM510.
0
 

Author Comment

by:Xeronimo
ID: 39698342
The problem also ONLY appears when we try to download an XML file that is generated by our web application using the external domain name ...

Random, multi-Mb XML files that we copy on that server for testing purposes get downloaded in their full size (even when downloaded via the external domain name)! Same for those generated files if we access the web app on its internal IP address.

I hope you get what I mean ...
0
 

Accepted Solution

by:
Xeronimo earned 0 total points
ID: 39700432
Hm, so I've created a new firewall policy just for this one server and I've used the default HTTP Proxy-Server settings and now it works ... I still don't know which option in the modified policy is cutting of generated XML files though!?
0
 
LVL 9

Assisted Solution

by:stu29
stu29 earned 500 total points
ID: 39700750
So you have narrowed it down .. this is good.  The only real way to track it down is to change the default policy settings one by one until you find it.  It is a pain I know .. but.

i currently don't have any WG equipment at this position so that level of detail i cannot help with (sorry).  I would start with the larger changes (adding weblocker policy etc) and then move on the Proxy rule itself.

Good luck
0
 

Author Comment

by:Xeronimo
ID: 39700761
Thanks, stu!
0
 

Author Closing Comment

by:Xeronimo
ID: 39710821
I accepted my own comment as part of the solution because it helped.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now