|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] mail problems and 4.1 SP3 issues
Hopefully this setting will fix your problem. I have similar problem as you. This setting from checkpoint had me change and fix the problem. 1. How to change TCP timeout for the connections On the management server: fwstop Edit objects.C, add: :tcpstarttimeout (300) Look for $FWDIR/conf/objects.C.bak, objects.C.save, and remove them. database/objects.C[bak,save], move or delete them. fwstart Install the policy -----Original Message----- From: Camille Edge [mailto:[email protected]] Sent: Tuesday, April 24, 2001 7:13 PM To: [email protected] Subject: [FW1] mail problems and 4.1 SP3 issues Hi all I'm hoping someone can help me. I'm having trouble with mail sitting in the firewall spool directory. It doesn't happen to all mail just some. Two examples are mail going to nova.edu and citizensbank.com. Any mail for those domains just sit in the spool directory. I've tried forcing it out with the fw mdq command and restarting the firewall. The AV info (esafe) is set so that it is not being scanned and it still doesn't want to go out. Other mail goes out ok. My Mail Questions: 1. What causes the mail to sit in the spool directory? 2. What happens to it when it becomes an E-filename (errors out)? Does the user get notified? (hasn't happened yet) 3. How do I fix the problem? I've tried searching around but haven't been able to find anything that fixes this problem. The firewall is FW1-4.1 SP1 on an NT4 server. I'm running Esafe Gateway CVP ver 2.? (forget sorry) build 101. I called the folks at Esafe and they suggested we upgrade the firewall to SP3 and install a mail dll on esafe. We checked around on the web and didn't see any indication of problems with SP3 so we did the install. However, after the upgrade we lost our VPN to our external site. We tried reinstalling the policies on both machines and restarting the firewall but that didn't kick the VPN off. The external site is using a Nokia box running FW1-4.1 SP1. We ended up backing out SP3. Because we lost our VPN and backed out the service pack, we didn't even get a chance to install the new mail dll on esafe so I don't know if that fix would have worked or not, but the messages in the spool directory have the AV info cleared anyway so I don't think so. However now we are getting service failures. Today we got these messages (SP3 was installed and uninstalled yesterday) "Ela_proxy.exe Initialization of the dll C:\WINNT\System32\Users32.dll failed. The process terminated abnormally" This was logged as NT Event ID 7024 and said "The CheckPoint ELA Proxy service terminated with service-specific error 5" My SP3 Questions: 1. Are there problems with SP3? Or are there problems with SP3 and VPNs? 2. When installing SP3 what do I have to do to get my VPN to come up? 3. Do both sites have to have the same service pack level? 4. What do I do to fix the service failures I'm getting now? 5. What is ELA Proxy service? I'm at a loss as what to do next. Any help would be greatly appreciated. You can email me on the list or directly at [email protected] thanks cee ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
