Hello,
I'm trying to install a netscape proxy on the services segment of a
triple-homed firewall. The product is gauntlet 3.1.1.
TIS has a nifty idea of proxying a proxy with an attirubte <?>
called a handoff. The command looks like this:
http-gw: handoff X.X.X.X
While this looks great on paper I'm having a difficult time
making it work. I'm getting a broken pipe error msg.
I've been able to verify that the request is making it to the netscape
proxy server and in fact is going back to the gauntlet box, as it
should. The problem appears to be that it is not continuing it's
journey.
I have 3 questions:
a) Has anyone done anything like this w/ this product?
b) Since I got an error msg on the browser that indicated there was
a broken pipe I started looking in the netperm table. I found
the following:
#pipecmd
# /usr/local/etc/mgmt/ipeedit -netperm ${ip_insidiface}
${ip_outsideaddr}
#endpipecmd
I can find no documentation on the pipecmd. Does anyone know
anything about this? [ Yes, I know it's commented out.
I asked TIS about that too, but so far they haven't responded. ]
c) I noticed, in the logs on Gauntlet, that I was getting
complaints about the forward screen. Specifically, that there
wasn't an entry in the screen which matches the path b/n
the proxy server and the Gauntlet machine. I tried an authenIP
statement, but that doesn't seem to help. Does anyone know
anything about the forward screen table on Gauntlet?
Any help would be much appreciated!
marc
|
|
