RE: [fw-wiz] UPS Worldship connection problems with new firewall device

From: Servie Platon (servie_tech_at_yahoo.com)
Date: 08/28/05

    To: List Account <list.account@cerdant.com>, firewall-wizards@honor.icsalabs.com
    Date: Sun, 28 Aug 2005 11:52:24 -0700 (PDT)
    
    

    Thank you Nathan, Paul, Bruce and Keith for giving
    some of your insights on what to do.

    Before posting to this prestigious group, I called UPS
    technical support and was told to allow ports 80 and
    443 on the firewall. So, I created/added a rule named
    UPS to do that which allows the network 153.2.x.x to
    LAN to pass through on said ports.

    I have also called technical support of SonicWall for
    assistance and sent them the tsr (tech support report)
    file which has the list of rules and other
    configuration but so far they have not seen anything
    wrong with it.

    For this firewall appliance (TZ170), I have just
    enabled Terminal Services to pass through and site to
    site VPN and the rest are just the normal
    configuration.

    I must suspect there could be a rule here that
    completely blocks connection. I shall send you guys
    some info tomorrow when I get back to the office.

    One thing I noticed when I upgraded the SOHO3 to
    TZ170: the SOHO3 had another device linked to it and
    it was a Linksys 4 port router which has port
    forwarding enabled. I have not scrutinized the
    configuration of this additional device per se, but
    what I can say is that it has port forwarding enabled.

    Thank you for your time.

    Very sincerely yours,
    Servie

    --- List Account <list.account@cerdant.com> wrote:

    > What version of SonicOS are you running? Standard or Enhanced?
    > Are there any log messages generated in the SonicWALL when the user
    > attempts to connect to the site?
    > If you're running SonicOS Enhanced 3.1 or greater, have you done a
    > packet capture and saved it to a libpcap file? Can you post this
    > file if so.
    >
    > Nathan Grandbois, CISSP, CSSA
    > Cerdant, Inc.
    > 614.717.0123 ext. 26
    >
    > >-----Original Message-----
    > >From: firewall-wizards-admin@honor.icsalabs.com
    > >[mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf
    > >Of Servie Platon
    > >Sent: Wednesday, August 17, 2005 8:52 PM
    > >To: firewall-wizards@honor.icsalabs.com
    > >Subject: [fw-wiz] UPS Worldship connection problems with new
    > >firewall device
    > >
    > >Hello FW-Wizards and gurus,
    > >
    > >I have upgraded my Sonicwall SOHO3 to TZ170 a couple
    > >of weeks back for my small office network.
    > >
    > >Everything seems to be working fine except for one
    > >laptop which accesses UPS (United Parcel Service)
    > >Worldship network.
    > >
    > >As its description from the UPS website: UPS
    > >WorldShip® is a full featured, Windows®-based,
    > >shipping software application for customers with high
    > >volume shipping needs. WorldShip allows customers to
    > >accelerate, streamline and enhance not only their shipping
    > >processes, but financial and customer service processes as well.
    > >
    > >When we first installed the program in one of the
    > >laptops, it seems to be working fine with the SOHO3
    > >firewall.
    > >
    > >And when we upgraded to the Sonicwall TZ170, that's
    > >when the problem started to set in. We were told by
    > >UPS technical support since we have upgraded a
    > >firewall appliance, the firewall rules may have
    > >blocked inbound and outbound communication between our
    > >small office network and UPS's network.
    > >
    > >Furthermore, we were told that we need to enable
    > >support for gethostip.exe, shipups.exe, upslnkmg.exe
    > >alongside allowing access for 153.2.x.x network.
    > >
    > >Since I don't see any documentation on this Sonicwall
    > >TZ170 to do the adding of .exe files to the firewall
    > >that supports this method.
    > >
    > >I am uncertain though, whether my firewall rules have
    > >something to do with it? AFAIK, other services such as
    > >mail, terminal services are working fine except for
    > >this one.
    > >
    > >One odd thing that puzzles me is that if my boss
    > >brings this laptop to his house and connects it to his
    > >home network through his router, he could connect to
    > >UPS and be able to do work and send info in a
    > >bi-directional manner.
    > >
    > >Whereas, if he returns to the office he gets an Error
    > >Code 53670 which according to UPS has something to do
    > >with our firewall and DNS resolution.
    > >
    > >I have attempted and failed to enable this feature and
    > >am hoping that maybe someone may have encountered this
    > >problem in the past who may have the solution.
    > >
    > >Again, thank you very much.
    > >
    > >Very sincerely yours,
    > >Servie

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

