|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] NG AI and DNS drops
Since upgrading a Checkpoint FW1 4.1SP6 to NG AI I've noticed that AI drops a lot more DNS traffic. It is coming from the rule that blocks traffic w/a destination of the firewall. I assume my NATed DNS servers have made a request to these dropped servers, but the UDP reply is taking too long to get back to the DNS server. UDP Virtual session timeout is set to 40 seconds. Should I try increasing this? After 40 seconds, I am sure the DNS server has given waiting for a response - so this probably wouldn't help. I don't have UDP protocol enforcement enabled at the moment, so that's not it. Ideas? Thanks! Edwin Davidson http://www.primeinc.com ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please reply to the sender of the message. The views expressed in this correspondence may not reflect the views of Prime, Inc. This footnote also confirms that this email message has been scanned for the presence of computer viruses. ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
