[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Smart Defense "Small PMTU" attack
I have an NG-FP1 Management Server that controls a mixture of NG-FP1 and 41-SP6 Enforcement Modules at remote locations. Just recently, a user behind one of my 41-SP6 Enforcement Modules attempted to access (HTTP) a Web Server behind an NG-FP3 Firewall within a separate organization, and was stopped by their Smart Defense system - reason given was "Small PMTU" attack. This sounds like a "false positive" to me, but I'm curious to know if anyone else has encountered this issue, and/or what anyone might suggest I do as a workaround. ps. I should mention that I have ":ipsec_dont_fragment (false)" set in my NG-FP1 Management Server's $FWDIR/conf/objects_5_0.C file for each of my remote Enforcement Modules. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|