Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] ssh connections lost

To: <[email protected]>, <[email protected]>
Subject: Re: [FW1] ssh connections lost
From: "Craig Skelton" <[email protected]>
Date: Tue, 6 Feb 2001 07:12:10 -0800
References: <[email protected]>
Sender: [email protected]

The best explanation of this problem is:
http://www.phoneboy.com/fw1/faq/0408.html

What version of fw1 are you using?

Cheers,
Craig

----- Original Message -----
From: "corne" <[email protected]>
To: <[email protected]>
Sent: Tuesday, February 06, 2001 3:36 AM
Subject: RE: [FW1] ssh connections lost


>
> it's not just ssh, also telnet, oracle, etc.
>
> cheers
> corne
>
> > I have a situation where ssh connections from inside the fw dies some
> > arbitrary time after they were started.
> >
> > Doing a sniff on the network (both sides of the fw) reveals
> > the following:
> > packets happily flow from the client to the server. At some
> > stage the client
> > sends another packet, at which point the server doesn't
> > respond. This is the
> > stage where the ssh connection is now dead. The client now
> > sends a bunch of
> > retransmits, thinking that the session is still up.
> >
> > After the session drops, I see dropped packets in the fw log,
> > with the error
> > "unknown established tcp packet". This would indicate that
> > the fw no longer
> > has an entry in its state table for that connection.
> >
> > But why would the connection disappear from the table? From a
> > network sniff,
> > there is no indication that a reset or fin is sent, or
> > anything like that.
> > It seems as if the fw is arbitrarily removing that connection.
> >
> > Any ideas?
> >
> > Regards
> > Corne van Dyk
> > Dimension Data: Network security engineer
> > Tel: +27 21 659 2540
> > Fax: +27 21 659 2101
> > Helpdesk: +27 21 659 2112
> >
> >
> >
> > ==============================================================
> > ==================
> >      To unsubscribe from this mailing list, please see the
> > instructions at
> >                http://www.checkpoint.com/services/mailing.html
> > ==============================================================
> > ==================
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- RE: [FW1] ssh connections lost
  - From: "corne" <[email protected]>

Prev by Date: [FW1] Single Thread query
Next by Date: [FW1] FW-1 SP2 on solaris
Previous by thread: Re: [FW1] ssh connections lost
Next by thread: RE: [FW1] ssh connections lost
Index(es):
- Date
- Thread