|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] TCP TimeOut Problems
I've been having the same problem recently, since I upgraded from 4.0 sp3 to 4.1 sp2 (NT4 Management and 2 Nokia 440's running IPSO 3.3) It looks like I've managed to fix it with the help of Phoneboy (searching for Unknown TCP packets) All you have to do is uncomment a line in the $fwdir\lib\fwui_head.def and the line is #define ALLOW_NON_SYN_RULEBASE_MATCH Basically, what this does is to revert back to the 4.0 way of handling connections in the state table. I had to make this change under intense pressure from 'the business' as 90% of our users and external clients were being kicked off their connections to an AS/400 box. I still have reservations about the fix (for security reasons) but didn't have a choice. Hope this helps, Jonathan Jackson Network Security Analyst AMP Group 4 Broadgate, Liverpool St London, EC2M 2PA Tel (44)[email protected] "GIRAUT,JESUS (HP-Venezuela,ex1)" <[email protected]> on 09/04/2001 20:29:46 To: [email protected] cc: (bcc: Jonathan B Jackson(IT)/UK/AMP) Subject: [FW1] TCP TimeOut Problems Hi everybody, I'm having some problems with a UNIX server protected by a Firewall-1 running on a Windows NT box. The users are accessing an application via telnet on the Unix server which controls a printer located outside the firewall. These users access some sections from this application and send information to the printer, they receive the following problem: When they try to print some information, the printer starts printing the job but after 2 or 3 minutes the telnet session to the server suddenly stops and it stops also the printing. I think this a TCP timeout problem, however I'm using some configuration documents from the CheckPoint support web site in order to increase this tcp timeout value but I keep receiving the same problem. I don't know if I'm missing some steps on the configuration of the TCP timeout, or if it could be a timeout on the same Windows NT operative system. Any similar experience? Thanks and regards, ========================================================= _/ | Jesus Giraut _/ | IT Solution Consultant _/_/_/ _/_/_/ | MCA Region _/ _/ _/ _/ | HP Consulting _/ _/ _/_/_/ | Phone: (_/ | Fax: (_/ | Telnet: 1-207-8083 | Mobile: (58-212) 14-274-7457 | eMail: [email protected] ========================================================= ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ___________________________________________________________________________ The information contained in this e-mail is confidential and may be legally privileged. It is intended solely for the use of the individual or entity to whom it is addressed and others explicitly authorised to receive it. If you have received this e-mail in error, please destroy it and delete it from your computer. Any disclosure, copying or distribution of the information is strictly prohibited and may be unlawful. No responsibility can be accepted to any end users for any action taken on the basis of the information. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
