NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] LinkProof, FW-1, and "unknown established TCP packet"s on SMTP



Title: LinkProof, FW-1, and "unknown established TCP packet"s on SMTP

IP330 with FW-1 V4.1, SP5.

For months we've been running this FW1 between a T1 and our DMZ, which has a mail and a list server on it.  It's been running fine.

Yesterday, we added another T1 (from a different ISP) and a LinkProof box (by RadWare) to load balance both incoming and outgoing traffic between the two T1s.  (The LinkProof box also NATs traffic from the new ISP's network address to the original ISPs network address, and sends it off to the FW1 who then dutifully sends it on to our DMZ).  Our web server is working fine in this new configuration.

Unfortunately, we're getting problems with SMTP packets, both incoming and outgoing, on both our mail and exchange server.  The problem is that many SMTP packets are dropped with "unknown established TCP packets".

Many mail requests succeed.  About 20 a minute fail.  The problem is not confined to specific remote IP address, or outbound T1.  We're seeing errors for both incoming and outgoing mail.

The folks who make the LinkProof are stumped, at least so far.

Anybody have any ideas?  Seen this before?  Lacking that, anybody actually using a LinkProof to loadBalance SMTP traffic outside a firewall-1?

Thanks,

Peter



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.