Great Circle Associates Firewalls
(September 1996)
 


Subject: Firewall 1 - Problems with redirects...
From: Pam Perdue <SOPERDP @ so . cc . va . us>
Date: Thu, 12 Sep 1996 10:58:54 -0400
To: firewalls @ greatcircle . com

Greetings,

I would like to request the assistance of this wonderful discussion group as we are completing the final
phase of testing Firewall-1.  The Host configuration is Firewall-1 v2.0, on Sparc 5, SUNOS v5.x with two 16mb
token ring cards.  The Intranet consists of remote sites which currently pass through a Crosscomm router
at the remote location to a Crosscomm router at the Host location then onto token ring LAN.

The problem:

Remote PC on Remote Token Ring LAN attempts to access WEB server located at Host LAN and never
receives data.  Sniffed the packet and this is what we got:

Source               Destination

164.106.remote.pc    www.webserver        (SYN SEQ=####, TCP D=80)
www.webserver        164.106.remote.pc    (SYN ACK=###, TCP D=1635)
www.webserver        164.106.remote.pc    (SYN ACK=###, transport retransmission, TCP D=1635)
164.106.remote.pc    www.webserver        (SYN ACK=###, transport retransmission, TCP D=80)
www.webserver        164.106.remote.pc    (SYN SEQ=###, TCP D=1635)
164.106.firewall     www.webserver        (ACK=####, redirect host ICMP Redirect)
                                          (Redirect datagrams for the host)
www.webserver        164.106.remote.pc    (2 routers to local station, TCP D=1635)
www.webserver        164.106.remote.pc    (URG ACK, TCP D=1635)
164.106.remote.pc    www.webserver        (SYN ACK, TCP D=80)
www.webserver        164.106.remote.pc    (SYN SEQ=###, TCP D=1635)
164.106.firewall     www.webserver        (ACK=###, Redirect host ICMP Redirect)
                                          (Redirect datagrams for the host)
www.webserver        164.106.remote.pc    (TCP D=1635)
www.webserver        164.106.remote.pc    (URG ACK=###, TCP D=1635)
164.106.remote.pc    www.webserver        (SYN ACK, TCP D=80)
www.webserver        164.106.remote.pc    (SYN SEQ=###, TCP D=1635)
164.106.firewall     www.webserver        (ACK=###, Redirect host ICMP Redirect)
                                          (Redirect datagrams for the host)
repeat above 5 lines, then barf


Additional information:
Data from WEBserver never reaches remote PC and is not visible on the Firewall-1 log viewer.  Also, if the
Firewall is stopped, remote pc receives data from WEBserver, yet still redirects 3 times.

Any suggestions would be appreciated.

TIA,
Pam


Internet: SOPERDP @ SO . CC . VA . US
Phone:    804-225-2348
Fax:        804-371-2330

