[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Problems with DNS and/or Proxy
I have a problem that's been going on for several weeks now. I'm using Nokia ip440 boxes with an NT 4.0 console. About two months ago we upgraded to SP4 on the Checkpoint and 3.4 on the IPSO. After getting most of the bugs worked out we worked well for a couple of weeks. Now we are getting what appears to be some type of overload situation, memory leak, or connection table problem. Every so often the firewall will slowly choke off access to the Internet. It appears to only be related to http and dns. We use User Authentication and it starts with just certain sites becoming unavailable. After a while, no one can get to any site. We check the logs and nothing is being dropped, it's just shows no traffic. We've checked DNS and both internal and external still seem to be resolving. It's not our line because we can go to an external site and still reach the Internet with no problems. We've sent every conceivable log to CheckPoint and they haven't found anything extraordinary yet. The only thing that fixes it is to stop and start the fw service. Once that is done everything is flying as expected. At one point, this was occurring on a regular basis, about every 24 hours. Lately, it's only been about once a week. Memory and processor utilization always look normal (97-98% free). Any ideas appreciated. Jerry Atchley Network Security Administrator CCSA/CCSE RCI Global Technology Group/Security Ops RCI, LLCThe sender believes that this E-mail and any attachments were free of any virus, worm, or Trojan horse when sent. This message and its attachments could have been infected during transmission. By reading the message and opening any attachments, the recipient accepts full responsibility for taking remedial action about viruses and other defects. Cendant/RCI is not liable for any loss or damage arising in any way from this message or its attachment. "The sender believes that this E-mail and any attachments were free of any virus, worm, or Trojan Horse when sent. This message and its attachments could have been infected during transmission. By reading the message and opening any attachments, the recipient accepts full responsibility for taking remedial action about viruses and other defects. Cendant/RCI is not liable for any loss or damage arising in any way from this message or its attachment." =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|