Sidewinder errors. - Firewalls

This is a discussion on Sidewinder errors. - Firewalls ; HI all. Dear we are using a lot of SWG2 appliances as proxies for filtering. some time we got the following errors: "ERROR Access Denied -------------------------------------------------------------------------------- Access Denied by security policy The security policy for your network prevents your request ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Sidewinder errors.

  1. Sidewinder errors.

    HI all.
    Dear we are using a lot of SWG2 appliances as proxies for filtering.

    some time we got the following errors:

    "ERROR
    Access Denied

    --------------------------------------------------------------------------------

    Access Denied by security policy
    The security policy for your network prevents your request from being
    allowed at this time. Please contact your administrator if you feel
    this is incorrect.
    "
    and some times

    ERROR
    Proxy Error
    ________________________________________
    The proxy encountered an error.
    Please try again later.

    does any body face it before?
    what does those errors mean? and is there a feature that will help to
    get the details of the box which is causing that issues?


  2. Re: Sidewinder errors.

    On 7 Feb 2007 02:20:50 -0800, "besmile" wrote:

    >HI all.
    >Dear we are using a lot of SWG2 appliances as proxies for filtering.
    >
    >some time we got the following errors:
    >
    >"ERROR
    >Access Denied
    >
    >--------------------------------------------------------------------------------
    >
    >Access Denied by security policy
    >The security policy for your network prevents your request from being
    >allowed at this time. Please contact your administrator if you feel
    >this is incorrect.


    Are you using smartfilter? If so, you may need to adjust your application
    defenses or possibly reconfigure allowed sites within smartfilter.


    >and some times
    >
    >ERROR
    >Proxy Error
    >________________________________________
    >The proxy encountered an error.
    >Please try again later.


    You may need to adjust the number of proxy connections allowed for the
    proxy; it's possible that you simply don't have enough proxies configured
    to handle the traffic.


    >does any body face it before?
    >what does those errors mean? and is there a feature that will help to
    >get the details of the box which is causing that issues?


    man showaudit
    and/or
    use the audit viewing function within cobra.

  3. Re: Sidewinder errors.

    On Wed, 07 Feb 2007 13:23:44 -0500, Default User
    wrote:

    >On 7 Feb 2007 02:20:50 -0800, "besmile" wrote:
    >
    >>HI all.
    >>Dear we are using a lot of SWG2 appliances as proxies for filtering.
    >>
    >>some time we got the following errors:
    >>
    >>"ERROR
    >>Access Denied
    >>
    >>--------------------------------------------------------------------------------
    >>
    >>Access Denied by security policy
    >>The security policy for your network prevents your request from being
    >>allowed at this time. Please contact your administrator if you feel
    >>this is incorrect.

    >
    >Are you using smartfilter? If so, you may need to adjust your application
    >defenses or possibly reconfigure allowed sites within smartfilter.
    >
    >
    >>and some times
    >>
    >>ERROR
    >>Proxy Error
    >>________________________________________
    >>The proxy encountered an error.
    >>Please try again later.

    >
    >You may need to adjust the number of proxy connections allowed for the
    >proxy; it's possible that you simply don't have enough proxies configured
    >to handle the traffic.
    >
    >
    >>does any body face it before?
    >>what does those errors mean? and is there a feature that will help to
    >>get the details of the box which is causing that issues?

    >
    >man showaudit
    >and/or
    >use the audit viewing function within cobra.


    When this is happening do the following
    cf set loglevel=4

    tcpdump -npi (interneal interface em1) -s 1500 -X -w filename
    while this is running trying accessing the site that that is giving
    you trouble. When you get the "Access Denied"
    do a ctl c

    start another ssh to the firewall and do a
    acat -ak

    Look for the "Access Denied"
    review the filename for any denies.

    Don't forget to reset
    cf set loglevel=2

    Cheers.

+ Reply to Thread