Gemini3

Reactions

0 Promote 1 Like 0 Boom 0 LOL 0 Spam 0 Abuse

Comments

The cause was wrong requests from the other side. After hours of investigation the sender conceded the requests has been sent wrongly.

in Forwarding rule misrouted at times Comment by Gemini3 November 2020
Reboot helped. Thank you Bruce. Yes, dump to file might be a better choice.

in pxy Failed to find policy for id = Comment by Gemini3 October 2020
Bruce, there is no client PC, the requests come automatically from an ERP system.

in Forwarding rule misrouted at times Comment by Gemini3 October 2020
Thank you for pointing to TCPDump. I have started it. However there might be not much to dump until next working day. What is confusing to me, how can an identical request be sucessfull sometime and sometime fail.

in Forwarding rule misrouted at times Comment by Gemini3 October 2020
Set up a 2nd rule to forward https-traffic to the internal server on port 80. The result is still the same. The Logs show http- and https-traffic, but the Customerinsists that all requests are http. Three lines that show successfull request on both http- and https. 2020-10-02 08:31:10 FWAllow, Allowed, pri=4, disp=Allow,…

in Forwarding rule misrouted at times Comment by Gemini3 October 2020
Accidentally deleted the post :-( Yes, but the customer insists that all requests are http Port 80. After setting up the https-rule, the requests are successfull before they fail for a while. This is the same behavior like before. Requests on port 80 for a single Customer are successful, then fail for a period of time,…

in Forwarding rule misrouted at times Comment by Gemini3 October 2020
Took some time testing but still the same so far. The requests from that customer work fine, but suddenly there is ab period of time alls requests fail. I then put a second rule natting https-traffic to the destination on port 80, hoping that this will solve the issue. The logs show, that https-traffic come is forwardet to…

in Forwarding rule misrouted at times Comment by Gemini3 October 2020
Hi Gregg and James, Thanks your suggestions. I forgot to mention that the connections don't come from a browser but from a Java application. The requesting URL is explicitly http://aaa.bbb.... Strange thing that all other customers don't report errors. Requests from that one customer are successful but suddenly fails for a…

in Forwarding rule misrouted at times Comment by Gemini3 September 2020
LDAP signing and LDAPS are different. LDAPS requires certificates. Using it entails a siew of changes (CA etc.). Activating LDAPS in AD settings leads to authentication failure.

in LDAP Channel binding & signing Comment by Gemini3 September 2020
Bruce, you're absolutely right. Got wrong IP from the Service Provider :/ Now it works like a charm.

in SSL VPN some traffic through VPN Comment by Gemini3 September 2020
I just add our SSLVPN 192.168.113.0/24 even the range is already include in 192.168.0.0/16.

in SSL VPN some traffic through VPN Comment by Gemini3 September 2020
It seems to work. We can test more tomorrow. Thank you! The SSLVPN net was not in the DNAT settings.

in SSL VPN some traffic through VPN Comment by Gemini3 September 2020