
[FW-1] Antw: Re: [FW-1] SMTP and Unknown Established TCP packet



Hi James,

Another reason can be that you are polling an internal interface and the external interface is answering.
The reason for this is that the SNMP daemon always answers with the interface nearest to the SNMP client.

I think that cannot be a timeout, because the timeout is very high.
An Unknown Established TCP packet is shown if the firewall gets a SYN/ACK packet and no SYN packet before.
If you are polling an interface and another interface is answering, it sends no SYN packet before for a new connection.

Often it is only a routing problem!

I hope, it will help you!

Bye

Tobi

>>> James Schnack <[email protected]> Wednesday, 27 March 2002 20:17 >>>
Excellent theory. It could well have been the case...
(Although in our case that would not explain the delays and loops detected
by VisualRoute - VR did not use the SMTP port.)
I'll definitely keep that in mind for some other time.
Thanks, Don, for the idea.
J.


>From: Don <[email protected]>
>Reply-To: Mailing list for discussion of Firewall-1
><[email protected]>
>To: [email protected]
>Subject: Re: [FW-1] SMTP and Unknown Established TCP packet
>Date: Wed, 27 Mar 2002 10:58:05 -0500
>
> > We found out that SMTP connections to many sites took *long* times to
> > establish. We demonstrated that in that particular case the problem was
> > lousy service from the ISP, since many sites had problems when connections
> > were attempted. Connections were being dropped (out of state) since it took
> > longer than the "handshake" timeout to start exchanging traffic. We
> > worked-around it taking the 60s default timer to 300s, and advised the
> > customer to talk to their service provider.
>...
> > Who knows, maybe you are experiencing that same problem. Let us know how it
> > went!
>The problems being described here sound exactly like an ident timeout is
>causing the problem. Please make sure that you are _rejecting_ ident
>traffic to your mail server. If not, some remote systems attempt to
>perform an ident lookup, and that reverse connection is dropped by your
>firewall. By the time that ident connection times out, and the mail
>server goes back to the SMTP session, the connection has also timed out.
>
>Just an idea.
>
>-don
>
>=================================================
>To set vacation, Out Of Office, or away messages,
>send an email to [email protected]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[email protected]
>=================================================







 
----------------------------------
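An added illustration of the two causes discussed in this thread (not part of any post, and not FireWall-1 code): a simplified state table that drops a SYN/ACK when no matching SYN was seen, or when it arrives after the handshake timer. The class and function names and the addresses are constructed for the example; the 60 s and 300 s timers are the values mentioned in the thread.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    t: float      # arrival time in seconds
    src: str
    sport: int
    dst: str
    dport: int
    flags: str    # "SYN" or "SYN/ACK"

class StateTable:
    """Simplified model of a stateful filter; not FireWall-1's actual logic."""

    def __init__(self, handshake_timeout=60.0):
        self.handshake_timeout = handshake_timeout
        self.pending = {}         # tuple of the SYN -> time it was seen
        self.established = set()

    def inspect(self, p):
        if p.flags == "SYN":
            self.pending[(p.src, p.sport, p.dst, p.dport)] = p.t
            return "accept"
        if p.flags == "SYN/ACK":
            # A reply must mirror the tuple of a SYN that is still pending.
            key = (p.dst, p.dport, p.src, p.sport)
            seen = self.pending.pop(key, None)
            if seen is None:
                return "drop: no SYN seen"
            if p.t - seen > self.handshake_timeout:
                return "drop: handshake timer expired"
            self.established.add(key)
            return "accept"
        return "drop: unsupported in this model"

def verdicts(packets, handshake_timeout=60.0):
    table = StateTable(handshake_timeout)
    return [table.inspect(p) for p in packets]

# Constructed sample traffic (documentation address ranges).
CLIENT, SERVER, OTHER_IF = "192.0.2.10", "198.51.100.25", "198.51.100.26"
NORMAL = [Packet(0, CLIENT, 40000, SERVER, 25, "SYN"),
          Packet(2, SERVER, 25, CLIENT, 40000, "SYN/ACK")]
OTHER_INTERFACE = [Packet(0, CLIENT, 40001, SERVER, 25, "SYN"),
                   Packet(2, OTHER_IF, 25, CLIENT, 40001, "SYN/ACK")]
SLOW_PEER = [Packet(0, CLIENT, 40002, SERVER, 25, "SYN"),
             Packet(90, SERVER, 25, CLIENT, 40002, "SYN/ACK")]

if __name__ == "__main__":
    for name, pkts in [("normal", NORMAL), ("other interface", OTHER_INTERFACE), ("slow peer", SLOW_PEER)]:
        print(name, verdicts(pkts, 60.0), verdicts(pkts, 300.0))
```

Raising the timer only changes the slow-peer case; a reply from a different address stays out of state at any timer value, which points to routing or addressing rather than timeouts.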

   All contents © 2004 Network Presence, LLC. All rights reserved.