Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Intergraph Manuals
  4. Software
  5. InterServe Firewall
  6. Quick start manual

Troubleshooting Techniques - Intergraph InterServe Firewall Quick Start Manual

Hide thumbs

Advertisement

6
Why can' t I ping through the firewall?
ping is an Internet Control Message Protocol (ICMP) message type, not a TCP message type. ICMP
message types are not allowed to run through the firewall. A tunnel can be created to pass ICMP, but
this is not recommended. Tunnel creation is described in the Eagle NT Configuration Guide.
Can I put a firewall between a Primary Domain Controller and a Backup
Domain Controller, or between trusted Windows NT domains?
Yes. You do this by creating a local tunnel.
FTP and Telnet are fast, but HTTP is slow. Why?
There are various reasons for this problem. First, make sure you have the latest version of the
software and all the latest patches. Determine if there is a reverse DNS lookup problem (HTTP is one
of a few TCP/IP applications that does a reverse DNS lookup). Many HTTP servers perform a reverse
DNS lookup to log the TCP host name that is requesting a connection.
Can I mount a share to the Web server outside the firewall?
Yes. See the filter descriptions in the Eagle NT Configuration Guide.
Can I put a Web server inside the firewall?
Yes, but the internal address for the Web server must be advertised outside the firewall, or you must
use a virtual address.

Troubleshooting Techniques

Do the following to troubleshoot the configuration and operation of the firewall:
Consult the support section of Raptor' s Web site at www.raptor.com.
u
If connecting to an outside Web server (for example, www.intergraph.com) does not work from
u
an inside client, try connecting by its IP address. If the IP address works, it is probably a DNS
problem. If the IP address does not work, check the firewall logfile. If there is no entry for the
attempted connection, there is a routing problem. If there is a log entry, there is not a valid allow
rule. Create an allow rule as described in the Configuration Guide.
Try pinging an outside Web server (for example, www.intergraph.com) from the firewall. If
u
this does not work, but pinging by address works, there is most likely a problem on the internal
DNS server; you' ve configured a dual-zone DNS (described in the Eagle NT Configuration
Guide). The query from the firewall should go to the internal DNS server. (Remember that, for
Eagle NT to resolve internal DNS names, it must query the internal server.)
Since the internal DNS server will not find an entry for the outside Web server, it will forward
the request back to the DNS server on the firewall. The firewall then queries a root server.
When the firewall receives the response, it forwards it back to the internal DNS server, which
then sends the results back to the firewall.
Always make sure you have the correct version of software and all the latest patches.
u

Advertisement

loading
Need help?

Need help?

Do you have a question about the InterServe Firewall and is the answer not in the manual?

Related Manuals for Intergraph InterServe Firewall

Related Products for Intergraph InterServe Firewall