[c-nsp] Passing SOAP through PIX
Alexander Serkin
als at cell.ru
Wed Jun 7 06:36:20 EDT 2006
Recently we noticed that the HTTP POST request containing SOAP
application is not passed through the PIX (7.1(2)) with default
inspection rule.
The message is (decoded from Ethereal packet dump):
--------------------------------------------
Hypertext Transfer Protocol
POST /rcu/rc.asmx HTTP/1.1\r\n
Request Method: POST
Request URI: /rcu/rc.asmx
Request Version: HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client
Protocol 2.0.50727.42)\r\n
Content-Type: text/xml; charset=utf-8\r\n
SOAPAction: "http://tempuri.org/SherpWS/Service1/Execute1"\r\n
Host: 10.x.x.x\r\n
Content-Length: 416\r\n
Expect: 100-continue\r\n
Connection: Keep-Alive\r\n
\r\n
eXtensible Markup Language
<?xml
version="1.0"
encoding="utf-8"
?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<Execute1
xmlns="http://tempuri.org/SherpWS/Service1">
<QueryCode>
BS_Balance_Get
</QueryCode>
<Parameters>
i_DN=XXXXXXXXXX,i_ExtParam=$SUBSYSTEM=WINSP
</Parameters>
</Execute1>
</soap:Body>
</soap:Envelope>
-------------------------------------
And the error reported is:
%PIX-5-415008:1 HTTP RFC method illegal - 'POST' from 10.x.x.x to srv03
What is wrong with the request so that pix does not allow it through?
--
Sincerely Yours,
Alexander
More information about the cisco-nsp
mailing list