[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] fw-1 on NT issue
hi, I've been experiencing some funnies on fw-1. we have a machine that connects to another machine via a IPSEC tunnel across a ISDN dialup link. the setup is as follows: NT Server (B) --> FW-1 on NT (C) --> Cisco router --> IBM Router --> FW-1 on Solaris --> FreeBSD Server (A) ISDN dialup connection between the Cisco router and the IBM router. IPSEC running between the two routers. if A initiates the session, the connection works. if B initiates the session, the connection isn't established. this is what I see when I do a tcpdump on the FreeBSD server: B sends a syn request. A responds with an ack. B sends an ack back, but with a window size of 0. this causes A to send a reset, and the connection is dropped. If I move B to the outside of the network, i.e.. give it the Valid external ip and connect it to the Cisco router, it works fine. the FW-1 on NT is version 4.1 sp 3. and NT service pack 6a. according to the fw-logs on the C firewall the translation is fine and it's allowing the data through. the routing isn't an issue, because the packets are actually reaching the remote side, A. I would really appreciate any assistance. regards Andre' ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|