Discussion:
Firewall-1 and Websense and Windows Update
(too old to reply)
Theo
2003-08-25 11:23:24 UTC
Permalink
We're running CheckPoint Firewall-1 Version 4.1 SP4 w/encryption on a
Sun box running Solaris 2.6. We're also running WebSense for
Firewall-1, Version 4.3.0.
A couple of days ago, our Windows users were unable to go to the
Microsoft Windows Update Web site
(http://v4.windowsupdate.microsoft.com). Well, they were able to go to
this page through a line on the Microsoft home page, but when they got
to the page, their browser would hang up. (Task Manager would show
"Not responding.")
We ran into a similar problem several months ago, and we solved it by
adding some Microsoft IP addresses to the WebSense bypass rule. These
IP addresses are ones we found out were for the Windows Update Web
site. We added a couple more IP addresses to the bypass rule
yesterday, and we were able to get to the site o.k. for a while, but
then we started to have problems again. Ideally, we'd like to put in a
rule for http://v4.windowsupdate.microsoft.com to be a permitted site,
but CheckPoint doesn't like domain names to be in rules.
Anyone else facing this problem? How are you dealing with it?
Thank you.
Have you been hiding in a desert without internet the last week ?

Try to follow the link to windowsupdate with a PC that is bypassing
your firewall. http://v4.windowsupdate.microsoft.com and do a
google search on something called Microsoft.Blaster

Theo
Theo
2003-08-25 11:33:21 UTC
Permalink
Post by Theo
We're running CheckPoint Firewall-1 Version 4.1 SP4 w/encryption on a
Sun box running Solaris 2.6. We're also running WebSense for
Firewall-1, Version 4.3.0.
A couple of days ago, our Windows users were unable to go to the
Microsoft Windows Update Web site
(http://v4.windowsupdate.microsoft.com). Well, they were able to go to
this page through a line on the Microsoft home page, but when they got
to the page, their browser would hang up. (Task Manager would show
"Not responding.")
We ran into a similar problem several months ago, and we solved it by
adding some Microsoft IP addresses to the WebSense bypass rule. These
IP addresses are ones we found out were for the Windows Update Web
site. We added a couple more IP addresses to the bypass rule
yesterday, and we were able to get to the site o.k. for a while, but
then we started to have problems again. Ideally, we'd like to put in a
rule for http://v4.windowsupdate.microsoft.com to be a permitted site,
but CheckPoint doesn't like domain names to be in rules.
Anyone else facing this problem? How are you dealing with it?
Thank you.
Have you been hiding in a desert without internet the last week ?
Try to follow the link to windowsupdate with a PC that is bypassing
your firewall. http://v4.windowsupdate.microsoft.com and do a
google search on something called Microsoft.Blaster
Theo
B.T.W, there is a known problem with windows update.

For one of my customers I had Checkpoint make a hotfix:
(341617) but this is for a Linux system with SP6.

If you are Checkpoint certified I advise you to browse
through the Checkpoint knowledgebase. They might
have produced a similar fix for Solaris based machines.

Theo

PS: Windowsupdate seems to be back know but
Was not reachable for me over the last couple of
days as well. (Not related to Blaster I guess), Got
a message to say thank you for your interest in
Microsoft Update and that was it.....

Loading...