[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Unknown established TCP port
I'm using a Nokia IP 440 IPSO 3.3 for the firewall and NT 4.0 SP6 for the mgmt box. I edited the files using "qbasic". Maybe I should try DOS edit? I'll keep you posted. Thanks. Michael Berge Systems Engineer "Reed Mohn, Anders" <Anders.Reed.Mohn@itcomp To: "'[email protected]'" <[email protected]> agniet.no> cc: Subject: RE: [FW1] Unknown established TCP port 05/09/2001 08:53 AM In over my head here, but for what it's worth: What platform are you on? NT? Someone posted on the list once that you need to make the changes to FW1 config files using a text editor like DOS' EDIT. Do not use Notepad. This is because FW1 expects Unix style newline-characters, and not the Windows CR/LF pair (or was it the other way around, I never remember..) Anyway, if you saved the base.def using Notepad, it won't work. Cheers, Anders :) -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: 8. mai 2001 23:49 To: [email protected] Subject: [FW1] Unknown established TCP port Hi all, I know this issue has been addressed, but I have run out of options to correct this. I am trying to run a script that ftp's a file everyday. Before I upgraded to 4.1 SP3, it ran just fine. Now, with the changes in how FW1 deals with established connections I cannot. When I manually do a "get" it works fine, but when I do a "put", it establishes the connection just fine, but then it hangs, then, when I cancel the operation I get the dreaded "Unknown established TCP packet" drop with various S_PORTS. After when I check the remote server, the file is sent, but it doesn't seem to send a acknowledgement, nor do we send an "EOF" to complete the connection. I have made the ALLOW_NON_SYN_RULEBASE_MATCH in fwui_head.def I have made the "p in tcpservices", FTPPORT (match), and FTP_ENFORCE_NL changes in the base.def file But I still get this error. Can someone help??? Thanks Michael Berge Systems Engineer ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|