NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] followed up udp packets are blocked



You might want to increase UDP reply timeout option in the Properties which
by default is set to 40 seconds. Sounds like reply packets are coming in
after connection table is timed out.

Sincerely,

Sun Yu, CISSP
Lucent Worldwide Services


> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of
> Hartmann, Josef
> Sent: Monday, January 08, 2001 12:15 PM
> To: '[email protected]'
> Subject: [FW1] followed up udp packets are blocked
>
>
>
> Hi!
>
> I am facing the following problem:
> A server and a client are communication using udp. First the server
> establishes the communication sending a udp packet to the
> client (which is
> allowed by the fw), then the client sends its packets to the
> server using
> different dst ports however the same source port. For the
> first few packets
> this works fine, I guess fw-1 knows about the following
> packets. However
> after some time (~2min) the fw blocks those udp packets
> (client-> server).
>
> How can I solve this problem?
> I just test creating a service other using udp,sport=xx
> rulebase
> client        server      myservice     accept
>
>
> Are there any security concerns doing it this way? Are there other
> solutions?
>
>
> Cheers,
>
>
> Josef
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.