Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Too many host detected

To: ??? <[email protected]>, [email protected]
Subject: RE: [FW1] Too many host detected
From: "Zelck, Guy" <[email protected]>
Date: Mon, 27 Nov 2000 10:43:46 -0000
Sender: [email protected]

To the guy who doesn't identify himself,

> You mean  FireWall-1 System's?
> 
> * Disable ip-forwarding for one on the destination pcs
> 
> So then all Internet Connection will be losted
> 
No, off course not. Learn to read, it says destination pcs, not FW-1
machine.

"Disable ip-forwarding for one on the destination pcs."
Ip forwarding could be enabled on one of the destination pcs and that can
cause the trouble.
Is this the case?
 
> Hi,
> 
> >
> >    Have anybody out there encountered this prolem ? I have a
> > FW 4.1 (running
> > on Solaris 2.6 ) and I have 50 licences. I have 30 PC with 1
> > NIC card each.
> >
> >    Recently I can't login to FW via console. The following
> > error apperas :
> You mean login remotely, if you can't login from the console 
> attached to
> the
> server that's severe.
> 
> >
> > Nov  7 10:21:59 wt-iadvantagefw unix: FW-1: too many internal
> > hosts (103)
> > detected
> > Nov  7 10:21:59 wt-iadvantagefw unix:  (202.85.99.140
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.183.128
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 169.254.234.4
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 169.254.126.45
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.25
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.9
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.163.5
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.3
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.2
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.1
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 169.254.34.241
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 169.254.248.249
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.183.36
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 208.189.101.160
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.81
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 209.178.166.180
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 202.85.161.70
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 208.163.139.149
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.104
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.105
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.106
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.107
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.109
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.110
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.111
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.168.98
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.101
> > Nov  7 10:21:59 wt-iadvantagefw unix: , 192.168.128.102
> >
> > Please help. I am not sure why some external IP appears .
> 
> The firewall sees all these hosts as being internal. If you see some
> external hosts among the addresses it could be something that I once
> had.
> Check to see if none of your PCs has several interfaces or 
> has different
> addresses defined on the same interface and has IP forwarding on.
> Then, when a packet reaches your PC's interface with an destination
> address
> different from the default one, the packet will be sent back on to the
> network where it is spotted by fw1 and since the packet's 
> source address
> is
> the address of the real external client, the fw thinks there's a new
> host on
> the internal network and increments its hostcount.
> Disable ip-forwarding for one on the destination pcs.
> Then clean the hosts tables by stopping the fw (fwstop), deleting
> database/fwd.h & database/fwd.hosts and restart the fw (fwstart).
> Now check with 'fw lichosts' to see if any new hosts are 
> added after you
> hopefully solved the problem on your destination pcs.
> 
> Hope this helps,
> 
> Guy Zelck
> EDS, E.Solutions Benelux 
> Database- & Unix System Administrator 
> 
> Tel: +32 (0)2 - 711.39.43 
> Fax : +32 (0)2 - 711.39.47  
> Email: [email protected]
> 
>               
> 
> 
> 
> ==============================================================
> ==========
> ========
>      To unsubscribe from this mailing list, please see the 
> instructions
> at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==========
> ========
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Chrysalis-ITS and CheckPoint 2000 SP2
Next by Date: RE: [FW1] 'Exceeded allowed number of internal hosts' while not t rue.
Previous by thread: RE: [FW1] Too many host detected
Next by thread: RE: [FW1] Too many host detected
Index(es):
- Date
- Thread