NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Checkpoint 3.0b question


  • To: [email protected]
  • Subject: Re: [FW-1] Checkpoint 3.0b question
  • From: Frank Darden <[email protected]>
  • Date: Tue, 12 Aug 2003 13:21:17 -0400
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcNg6z5oRMfTWKgEQzqn0XuJD26hjQABxfLQAADZf0A=
  • Thread-topic: [FW-1] Checkpoint 3.0b question

Your NAT tables are filling up, or you are trying to pass protocols that
are non-IP. Follow the typical procedure for increasing state and NAT
tables and the problem should go away. I believe this is documented on
http://www.phoneboy.com To get an idea as to how many connections are
going through your firewall, use the fw tab -t connections -s command.

I think it goes without saying that you need to upgrade right away.

Frank


-----Original Message-----
From: Hal Dorsman [mailto:[email protected]]
Sent: Tuesday, August 12, 2003 12:55 PM
To: [email protected]
Subject: Re: [FW-1] Checkpoint 3.0b question

3.0b on Solaris 2.6?

Have you considered upgrading?

Hal



> -----Original Message-----
> From: Mayooran Pooranachandran [mailto:[email protected]]
> Sent: Tuesday, August 12, 2003 9:47 AM
> To: [email protected]
> Subject: [FW-1] Checkpoint 3.0b question
>
>
> Hello,
>
>
>
> I am sure this has been discussed many moons ago, but I
> cannot seem to find
> any resolution to the following problem.
>
>
>
> 2 weeks ago, we implemented Static NAT for 2 workstations on
> the internal
> network.  Yesterday afternoon we started seeing the following on the
> console:
>
>
>
> Aug 11 14:55:05 camelot unix: fw: halloc 72 bytes: memory exhausted
>
> Aug 11 14:55:05 camelot unix: fw: mem: Total: 1572864 Avail:
> 50000 bytes
> 1710085
>
>  alloc, 1686314 free, 1 reject
>
> Aug 11 14:55:05 camelot unix: fw_init_xlation_tables: ld_set
> forward failed
>
> Aug 11 14:55:05 camelot unix: fw_xlate_forw: failed to initialize the
> connection
>
> Aug 11 14:55:05 camelot unix: fw_init_xlation_tables: ld_set
> forward failed
>
> Aug 11 14:55:05 camelot unix: fw_xlate_forw: failed to initialize the
> connection
>
>
>
> I have increased the fwhmem to 0x3200000, but we still experience this
> problem.
>
>
>
> Platform: Solaris 2.6 32MB of memory.
>
> Checkpoint:
>
>
>
> This is FireWall-1 Version 3.0b (12Aug2003 11:45:10)
>
> Type             Expiration Ver Features
>
> 209.47.67.66     Never      3.x lcontrol pfm50
>
>
>
>
>
> All help will be greatly appreciated.
>
>
>
> Thanks
>
>
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.