RE: Firewall and Mcafee Webshiled e250

[Marc Suttle <marc.suttle () anidirect com>]

What Version of webshield are you running?

2.1?
2.5?
2.6?

If it is 2.6 what method are you using for passing traffic?  Explicit proxy,
transparent bridge, or transparent router?

M

-----Original Message-----
From: chort [mailto:chort () amaunetsgothique com]
Sent: Saturday, June 28, 2003 12:15 AM
To: Azman Jantan
Cc: security-basics () securityfocus com
Subject: Re: Firewall and Mcafee Webshiled e250


On Thu, 27 Jun 2003, Azman Jantan wrote:

> Need some help. I've got a problem in connecting our
> local LAN to the internet. Our connection is like this.
>
>
> LAN--> MCAFEE Webshield e250 --> LINUX FIREWALL --> CISCO ROUTER 2600
> -->INTERNET
>
> When i removed the MCAFEE Webshield e250 from above.
>
> LAN --> LINUX FIREWALL --> CISCO ROUTER 2600 --> INTERNET
>
> we can browse the internet. The problem occur when we put the mcafee
> websheild e250 in the above diagram..
>
>
> could you please help..URGENT..

The e250 does content filtering/blocking on web traffic.  You probably
have a mis-configuration on the HTTP scanning.  Have you tried reading
the product documentation?  Have you tried running a sniffer (Ethereal,
tcpdump, snoop, etc) on the network segment with the e250 to determine
if traffic is not getting from the inside out passed the e250, or if
the problem is that return traffic is not getting back in?

It would probably be wise to route traffic around the Webshield for now
and thoroughly check out the configuration to be certain you didn't miss
anything, before you try putting it back in-line on the network.

-- 
-chort
AKA Brian Keefer
The thoughts I express are generally piped from /dev/random,
needless to say they do not represent my fine employer:
CipherTrust, Inc - www.ciphertrust.com

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------



Disclaimer:

This message has been scanned for viruses.  No threat detected.



Disclaimer:

This message has been scanned for viruses.  No threat detected.



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------