Comments

  • Thanks Bruce. Rebooting the cluster resolved the DNS resolution requests against the old DNS servers.
  • Wireshark shows DNS resolution requests against the old DNS servers from the Firebox for repauth.watchguard.com -- that's why I was guessing Reputation Authority. Again, I'm trying to figure out where the old DNSes are stored for this activity.
  • The new CSP v12.4.B592447 resolves the https://trust.cdc.gov issue for me in all browsers!
  • That was a proposed work-around suggested to me when I opened the bug report (see below). However, that does not work for the site I was trying to access (at least on the test build I'm running): https://trust.cdc.gov On your system, if you use Chrome and try to access https://trust.cdc.gov do you get a communications error,…
  • Heard back from Support: It was reported that you are unable to go to certain Https sites from Google Chrome. This is currently a known issue that our Engineering team is working on. (FBX-16203) For proper case tracking and notifications, I will set the status of this case to 'Bug/Enhancement Submitted'. This allows you to…
  • Will do. BTW, when accessing from home, on any browser, I can communicate with the server.
  • Snippet of Chrome (Not Working) Logs: 2019-04-10 17:03:07 Member1 https-proxy 0x2ef83e0-2349245 https_domain_name_check matching rule against ip: 198.246.102.45 Debug 2019-04-10 17:03:07 Member1 https-proxy 0x376d520-1779045 58119456:1779045: nondata event 'CHAN_READ_BLOCKED: 887: 10.0.1.175:18582 -> 198.246.102.45:443 [A…
  • Ryan, I'm not seeing that particular error in my logs. The problem is accessing the https://trust.cdc.gov website (the actual URL is very long, but is not required for the test). If I access via Firefox, it communicates with the server and lets me know I didn't pass the URL variables with this message: Secure Proxy…
  • FWIW, staff said they were able to access before the upgrade. I see this in my logs if it helps: 2019-04-10 13:21:50 Member1 pxy 0x429d450-1444029 connect failed Connection refused 4843: 10.0.1.175:29591 -> 198.246.102.45:80 [A] {B} | 5282: 209.116.152.2:29591 -> 198.246.102.45:80 [!B c] {B}[P] Debug
  • Actually, that is what you should see -- I didn't include all the extra parameters. So you are able to communicate with that server. I only get that in Firefox, other browsers give me an error: This site can’t provide a secure connection trust.cdc.gov sent an invalid response. Try running Windows Network Diagnostics.…
  • Bruce, another oddball for you. Can you access https://trust.cdc.gov from Chrome, IE, or Edge? In Chrome, IE, and Edge, I get security issues. In Firefox, the communication works fine (you will get a server side exception) but the site does respond. Testing in Chrome, IE, and Edge outside of the FB works fine.
  • Looks like the PFS Ciphers=Allow was the trick. As always Bruce, thanks for the quick reply.