[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re[2]: [FW1] unknown established tcp packet
Hello MikeCC, M> I have been trying to get this answer for weeks. I have run into this very M> problem, packets being dropped that should not be dropped and the log M> displaying the "unknown established tcp packet" error. I ran (and am still running) into the same problem on five completely different firewalls. I'd like to add that "reverting to 4.0 situation" does NOT solve this problem of "packets dropped that should not be". You just end up with the answer beeing refused, and logged. (If you enable that in the policy properties.) Client connect to a server behin your firewall, connection is established (both on the client, the server, and it the state table) and after "a while" (around 2 minutes) the firewall will drop anything that the server emits towards the client on that previously established tcp session. Same happens even with timeout on 3600sec. Anyway, I hate writing long E-mails to explain a bug in a software that'll get unanswered by Checkpoint anyway. Does checkpoint find this situation acceptable ? I guess this problem will disappear with SP4, much like another unacceptable bug report I did about Floodgate-1 4.1 SP3 crashing twice a day on Sun E220R servers. -- Best regards, Cedric mailto:[email protected] CCSE, CCSA, and hopefully gonna replace all of this by IPfilter. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|