[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] slow initial connection
Maybe I should just be quiet and listen - I was so fixated on the other discussion (where the firewall is the endpoint), I missed that these were connections through and not to the firewall. Bill cryptotech wrote: > In the telnet process, the remote box will usually attempt to send an IDENT packet > back to the sender. As this will appear to the firewall as an unsolicited IDENT > query, it will be dropped. You can validate this by 1) looking in the log viewer > for entries on the cleanup rule, 2) create a rule that says any externalnat-ip any > drop. > > You should see the incoming ident package being dropped. > > Of course part of the problem is the DNS that the others have spoken of. > > BTW, you can deal with this problem if you create a rule that says any > externalnat-ip ident reject. > > Cheers, > > [email protected] wrote: > > > Here's a problem that I've been wrestling with for the past three months. > > When making an outbound TELNET or FTP connection, the client connects > > immediately but doesn't receive a logon prompt till about 60 seconds > > afterwards. At that point the users can login and everthing functions > > properly. > > > > Any ideas? > > > > Damir Matanic > > Chicago > > > > > > > ================================================================================ > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================================================ > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|