NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] [FW-1] Solution for Dr.Watson (0xc0000005) - VPN-1 4.1 SP2



Nice one Justin.

-----Original Message-----
From: Chuck Melanson [mailto:[email protected]]
Sent: Tuesday, September 12, 2000 2:14 PM
To: Fw-1 (E-mail)
Subject: [FW1] [FW-1] Solution for Dr.Watson (0xc0000005) - VPN-1 4.1
SP2



Credit for this is going to Justin Kwong [[email protected]] for his
post on Wed 8/16/2000 2:32 PM.

Environment:
------------------
NT 4.0 SP6a
VPN-1 4.1 SP2
HP LPR Server with 3 HP 10/100 NICs.

VPN Information:
IKE encryption, 3DES, SHA1, ESP, no PFS (use shared secrets)
Remote VPN created by FreeS/WAN on Linux.

Symptoms:
----------------
VPN encryption was enabled to a partner site. After about 3 hours of
steady traffic, Dr Watson in the event log:

An Application error has occurred and an application log is being
generated.
                             fw.exe
Exception: access violation (0xc0000005), Address: 0x78008ab5

System Log shows the following error:
     The application, WIN32/fw_Strong.exe, generated an application
error
     The error occurred on  8/16/2000 @ 11:45:26.718
     The exception generated was c0000005 at address 78008ab5 (strcmpi)

The firewall remains operational, perfmon counters show no additional
activity than normal. All NAT, and regular net to net traffic remains
unimpeded.

All VPN traffic is immediately halted. All IKE traffic is dropped, and
it is no port 500 traffic ever reaches the logs. Port scans from the
remote encryption domain show up in the logs, but when the range 499-550
hits the logs, port 500 just doesn't show up. The only way I found out
was I fired up the console on the remote FW and saw the Dr. Watson.

When an fwstop/fwstart was given, the VPN came back up, but went down
within another few hours.

Solution
-------------

Replace the fwntperf.dll in $FWDIR/lib with the one from the
$FWDIR/Service Pack 2 Backup directory.
Reboot.

Chuck.


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.