NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] fw-1 on NT issue



hi,

I've been experiencing some funnies on fw-1. we have a machine that connects
to another machine via a IPSEC tunnel across a ISDN dialup link. the setup
is as follows:

NT Server (B) --> FW-1 on NT (C) --> Cisco router --> IBM Router --> FW-1 on
Solaris --> FreeBSD Server (A)

ISDN dialup connection between the Cisco router and the IBM router. IPSEC
running between the two routers.

if A initiates the session, the connection works. if B initiates the
session, the connection isn't established.
this is what I see when I do a tcpdump on the FreeBSD server: B sends a syn
request. A responds with an ack. B sends an ack back, but with a window size
of 0. this causes A to send a reset, and the connection is dropped.

If I move B to the outside of the network, i.e.. give it the Valid external
ip and connect it to the Cisco router, it works fine. the FW-1 on NT is
version 4.1 sp 3. and NT service pack 6a. according to the fw-logs on the C
firewall the translation is fine and it's allowing the data through. the
routing isn't an issue, because the packets are actually reaching the remote
side, A.

I would really appreciate any assistance.

regards

Andre'







================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.