[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Too many host detected
To the guy who doesn't identify himself, > You mean FireWall-1 System's? > > * Disable ip-forwarding for one on the destination pcs > > So then all Internet Connection will be losted > No, off course not. Learn to read, it says destination pcs, not FW-1 machine. "Disable ip-forwarding for one on the destination pcs." Ip forwarding could be enabled on one of the destination pcs and that can cause the trouble. Is this the case? > Hi, > > > > > Have anybody out there encountered this prolem ? I have a > > FW 4.1 (running > > on Solaris 2.6 ) and I have 50 licences. I have 30 PC with 1 > > NIC card each. > > > > Recently I can't login to FW via console. The following > > error apperas : > You mean login remotely, if you can't login from the console > attached to > the > server that's severe. > > > > > Nov 7 10:21:59 wt-iadvantagefw unix: FW-1: too many internal > > hosts (103) > > detected > > Nov 7 10:21:59 wt-iadvantagefw unix: (202.85.99.140 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.183.128 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 169.254.234.4 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 169.254.126.45 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.25 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.9 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.163.5 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.3 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.2 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.1 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 169.254.34.241 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 169.254.248.249 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.183.36 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 208.189.101.160 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.81 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 209.178.166.180 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 202.85.161.70 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 208.163.139.149 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.104 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.105 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.106 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.107 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.109 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.110 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.111 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.168.98 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.101 > > Nov 7 10:21:59 wt-iadvantagefw unix: , 192.168.128.102 > > > > Please help. I am not sure why some external IP appears . > > The firewall sees all these hosts as being internal. If you see some > external hosts among the addresses it could be something that I once > had. > Check to see if none of your PCs has several interfaces or > has different > addresses defined on the same interface and has IP forwarding on. > Then, when a packet reaches your PC's interface with an destination > address > different from the default one, the packet will be sent back on to the > network where it is spotted by fw1 and since the packet's > source address > is > the address of the real external client, the fw thinks there's a new > host on > the internal network and increments its hostcount. > Disable ip-forwarding for one on the destination pcs. > Then clean the hosts tables by stopping the fw (fwstop), deleting > database/fwd.h & database/fwd.hosts and restart the fw (fwstart). > Now check with 'fw lichosts' to see if any new hosts are > added after you > hopefully solved the problem on your destination pcs. > > Hope this helps, > > Guy Zelck > EDS, E.Solutions Benelux > Database- & Unix System Administrator > > Tel: +32 (0)2 - 711.39.43 > Fax : +32 (0)2 - 711.39.47 > Email: [email protected] > > > > > > ============================================================== > ========== > ======== > To unsubscribe from this mailing list, please see the > instructions > at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ========== > ======== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|