Firewalls: Re: Gauntlet - How good is it?

Firewalls
(June 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Gauntlet - How good is it?
From:	"Rick Murphy" <rick @ trusted . com>
Date:	Fri, 28 Jun 1996 09:23:45 EDT
To:	Michael Dillon <michael @ memra . com>
Cc:	Ray Price <ray @ mattec . com>, firewalls @ greatcircle . com
In-reply-to:	Your message of "Thu, 27 Jun 1996 16:59:56 EDT."

Michael Dillon wrote:
> On Thu, 27 Jun 1996, Ray Price wrote:
> 
> >         2) Internet Explorer 2.0, on Windows 95 can not be used to access
> > most Secure HTTP sites.
> 
> Are you sure this works with the same sites if you try it outside a
> firewall? Since MS is already shipping IE 3.0, perhaps this is just a bug
> that has since been fixed. 

You can argue this either way. In fact, it works fine with
Internet Explorer 2.0 for Windows 3.1 so you *could* say it's a MS bug.

The problem is a simple one - Internet Explorer 2.0 for Windows 95 does
not have the ability to configure a proxy for SSL accesses - it always
tries to contact the remote site directly. Given that, SSL access won't
work unless you arrange the routes so that the SSL access is routed to
the firewall (which then runs a plug proxy to the remote SSL site.)
If you can't configure the route to the remote SSL site to pass through
the firewall, the site can't be reached. That'll happen regardless of
what firewall you're using. If you can use transparency, setting up a
SSL plug on the firewall is easy and works fine with IE2/W95.

Indexed By Date	Previous:	[no subject] From: dehtpnmk @ ibmmail . com
Indexed By Date	Next:	Background on NCSA FW Cert [VERY LONG] From: Ira Winkler <winkler @ ns . ncsa . com>
Indexed By Thread	Previous:	Re: Gauntlet - How good is it? From: Rolf Weber <weber @ iez . com>
Indexed By Thread	Next:	CIFS - To Firewall or not to Firewall ? From: Darren Reed <avalon @ coombs . anu . edu . au>