IIS SSL spoof detected by firewall

IIS SSL spoof detected by firewall

am 17.07.2007 01:59:54 von Bob Jones

Hi all,

I'm supporting an external web site with IIS6 and SSL on a server with
Windows 2003 (dual nic cards). There is an internal web application on the
same box using one of the NIC cards, which is behind the firewall and not
accessible to the net. The external site is using the other card, which has
an internet address, and is sitting in a DMZ on the firewall.

I'm having trouble activating the web site because the firewall detects a
spoof during login. It appears like the response is going out the primary
nic card (mac address reported by the firewall) instead of the correct card.

NLB is not installed on the primary nic card. Each card has it own DNS
specific connection suffix.

The NIC cards are both on the Netserver lp1000 motherboard.

I'm out of ideas, can anyone help or point me in the right direction?

Thanks,

rljones39

Re: IIS SSL spoof detected by firewall

am 17.07.2007 03:31:44 von Ken Schaefer

Do you have "default gateways" configured on both NICs?

you should have only a single default gateway (on one of the NICs), and
configure static routes for all other non-local subnets and have them routed
through the other NIC

Cheers
Ken

"Bob Jones" wrote in message
news:uM8OoVAyHHA.748@TK2MSFTNGP04.phx.gbl...
> Hi all,
>
> I'm supporting an external web site with IIS6 and SSL on a server with
> Windows 2003 (dual nic cards). There is an internal web application on
> the same box using one of the NIC cards, which is behind the firewall and
> not accessible to the net. The external site is using the other card,
> which has an internet address, and is sitting in a DMZ on the firewall.
>
> I'm having trouble activating the web site because the firewall detects a
> spoof during login. It appears like the response is going out the primary
> nic card (mac address reported by the firewall) instead of the correct
> card.
>
> NLB is not installed on the primary nic card. Each card has it own DNS
> specific connection suffix.
>
> The NIC cards are both on the Netserver lp1000 motherboard.
>
> I'm out of ideas, can anyone help or point me in the right direction?
>
> Thanks,
>
> rljones39
>
>
>