Problems with XML/SOAP Traffic

[ben.blendeman]

All,

I have some serious troubles with SmartDefense(R62):

we have several servers with applications running and they need to speak with eachother. This application communication needs to pass the Checkpoint firewall and this is XML/SOAP traffic.
This is in fact HTTP traffic and this is also like this configured in my policy. The problem is that this traffic is blocked/dropped by SMartDefense (when I disable it, it works).
This is really a pain in the ass issue, because SmartView Tracker is not logging this. I can not see why it is dropped.
I have tried to create a manual http service but without success. Even checkpoint does not know the casue of this with the debugs I took and when I ask them about the logging problem they say:

yes we know SmartDefense is not always logging in a good way, but it is not a bug

Is anyone also experiencing this or have a solution? I have now 3 customers with similar SmartDefense issues and no logging!

Greetz
Ben

[marklar]

Disable smartdefense, it gives nothing but problems. If you need to do HTTP content inspection put in a reverse proxy or proper web application firewall.

m.

[arto.ra]

I had almost identical problem, but disabling ISN spoofing did the trick.