|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] IPSO Default Gateway Problem
The nokia boxes have an option to use a name for a default gateway as opposed to an address. Are you using that option? If so, you may want to make sure resolution is operating. Try making it an "address" and specify the next hop that way. You can also use tcpdump to find out if the box arps or does anything for that matter related to your request. Or does it wait 20 plus seconds before seding out anything related to the request? Make sure you clear the arp cache before testing that. How did you enter the routes, using the text box at the bottom or using the gui buttons? Send a copy if you think you can. Regards Bill ----- Original Message ----- From: "Darren Lewis" <[email protected]> To: <[email protected]> Sent: Wednesday, June 12, 2002 2:21 PM Subject: [FW-1] IPSO Default Gateway Problem > Hi > > I have a very strange problem where if I put the default gateway in the > same subnet as any one of the three interfaces on my Nokia IP330 (i.e. how > you would want it!), the firewall grinds to a halt for about 20-30 seconds > when doing some network operations. I have noticed this when telnetting in > to the firewall, or doing a ping from within a serial console. The telnet > session does nothing for a while and the ping just sits there, and then > after a while both just kick into life, as if everything is completely > normal. If I remove the default gateway, everything works OK. If I > disconnect the network cable from the interface connected to the default > gateway, the ping or telnet carries on without the normal 20-30 second > delay. If I move the default gateway to a different interface the > behaviour remains, but the cable that I can disconnect to get the telnet of > ping going again changes accordingly. This affects all pings and telnets, > not just those in/out of the interface with the 'problem'. The box is a > clean install of Nokia IPSO 3.4.1-FCS11. It doesn't make any difference > whether FW1 is running or not. Any ideas at all? This has to be one of > the more bizarre problems I have seen. > > By the way, for those interested in a previous post where I managed to > corrupt the boot manager (by not doing an md5 on the image - idiot), I > managed to repair it. I connected the knackered HDD as a slave on a second > IP330, and did a manual 'dd' from the master to the slave starting at > sector 63. I was going to do it in FreeBSD, but doing it in IPSO seemed a > safer option. > > If anyone has any ideas about the gateway thing, I'd love to hear from you. > > Cheers > > Darren Lewis > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
