[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Nokia 440/State Sync/UDP & NAT ISSUES!
To: fw-1-mailinglist We have 2 nokia 440 (ipso 3.3 and CP 4.1 sp3) sets (of 2)one set in one side of the country and another set on the other side. Both sets are setup with VRRP and a sync.conf file with only the opposite sync address in them as well as SyncMode=TCP sync If I un-NAT any IP or IP range OR I disable 1 of my firewalls from state-sync, I have zero UDP problems. If either of those is enabled I have no UDP sync and my UDP connections disconnect via the timeout setting in the policy properties. Nokia tech support and Checkpoint techsupport are no help on this. Ideas? Yes this is the case on both pairs yes we have bumped up all kernal mem settings,hash sizes etc. the second group of FW's has a tiny NAT table and the first group a huge one, however the symptoms are identical. Time is in sync. Interfaces are talking properly. I see connections in fw tab -t connections that mach on both walls...etc.etc.etc. I just can't believe that no one has run into this one yet. I would love to hear some input/ideas on this one. IGHOG ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|