topic Published service consumption problems. in Firewall and Security Management

Published service consumption problems.

Matlu — Wed, 12 Jul 2023 18:36:45 GMT

Hello, everyone.

I am currently having a problem with accessing a web service.

We have an explicit rule that allows any Internet IP to access our published server, which has the domain name zonasegura.bn.com.pe.

The problem is that the Firewall is not processing the traffic with the explicit rule, and is sending all the traffic to the last rule of the rule base (Implicit rule).

Does anyone know how to correct this behavior?
I have a Cluster R81.10 with JHF take 87

I share images of the explicit rule, the CLEANUP rule, and the output of the command "fw ctl zdebug + drop | grep <ANY>".

Cheers. 🙂

Re: Published service consumption problems.

the_rock — Wed, 12 Jul 2023 18:50:17 GMT

Drop logs give you an answer. Its dropping on port 80, NOT 443, so you have to add port 80 to the rule. Make sure NAT is in place as well.

Andy

Re: Published service consumption problems.

Matlu — Wed, 12 Jul 2023 19:09:36 GMT

The strange thing is that this service has always been consumed by the 443 (You open a browser and put the URL in https).

Suddenly the service stopped working.

Some users from the Internet report that the page takes too long to load, and others report that the same thing happens to them as to me, it just doesn't load.

The client tells me that this service should be consumed by the 443 and not by the 80, but in the Firewall nothing has been touched.

Re: Published service consumption problems.

the_rock — Wed, 12 Jul 2023 19:10:58 GMT

I would add port 80 based on what I see in the logs.

Andy

Re: Published service consumption problems.

PhoneBoy — Thu, 13 Jul 2023 22:18:15 GMT

Looks like the destination IP in the debug and the IP in the rule is different...maybe adjust the object OR use an FQDN Domain Object?