Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Unknown established TCP port

To: "Reed Mohn, Anders" <[email protected]>
Subject: RE: [FW1] Unknown established TCP port
From: [email protected]
Date: Wed, 9 May 2001 09:02:31 -0500
Cc: [email protected]
Sender: [email protected]


I'm using a Nokia IP 440 IPSO 3.3 for the firewall and NT 4.0 SP6 for the
mgmt box. I edited the files using "qbasic". Maybe I should try DOS edit?
I'll keep you posted. Thanks.

Michael Berge
Systems Engineer




                                                                                                                         
                    "Reed Mohn, Anders"                                                                                  
                    <Anders.Reed.Mohn@itcomp        To:     "'[email protected]'" <[email protected]>  
                    agniet.no>                      cc:                                                                  
                                                    Subject:     RE: [FW1] Unknown established TCP port                  
                    05/09/2001 08:53 AM                                                                                  
                                                                                                                         
                                                                                                                         




In over my head here, but for what it's worth:

What platform are you on? NT?
Someone posted on the list once that you need to
make the changes to FW1 config files using a text
editor like DOS' EDIT. Do not use Notepad.
This is because FW1 expects Unix style newline-characters,
and not the Windows CR/LF pair (or was it the other way around,
I never remember..)
Anyway, if you saved the base.def using Notepad, it won't work.

Cheers,
Anders :)


-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: 8. mai 2001 23:49
To: [email protected]
Subject: [FW1] Unknown established TCP port



Hi all,

I know this issue has been addressed, but I have run out of options to
correct this.

I am trying to run a script that ftp's a file everyday. Before I upgraded
to 4.1 SP3, it ran just fine. Now, with the changes in how FW1 deals with
established connections I cannot. When I manually do a "get" it works fine,
but when I do a "put", it establishes the connection just fine, but then it
hangs, then, when I cancel the operation I get the dreaded "Unknown
established TCP packet" drop with various S_PORTS. After when I check the
remote server, the file is sent, but it doesn't seem to send a
acknowledgement, nor do we send an "EOF" to complete the connection.

I have made the ALLOW_NON_SYN_RULEBASE_MATCH in fwui_head.def

I have made the "p in tcpservices", FTPPORT (match), and FTP_ENFORCE_NL
changes in the base.def file

But I still get this error. Can someone help???

Thanks

Michael Berge
Systems Engineer



============================================================================

====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================

====






================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] source port 0 problem??
Next by Date: RE: [FW1] Firewall upgrade problem - very very urgent
Previous by thread: [FW1] Unknown established TCP port
Next by thread: RE: [FW1] Unknown established TCP port
Index(es):
- Date
- Thread