[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Checkpoint 3.0b question
Your NAT tables are filling up, or you are trying to pass protocols that are non-IP. Follow the typical procedure for increasing state and NAT tables and the problem should go away. I believe this is documented on http://www.phoneboy.com To get an idea as to how many connections are going through your firewall, use the fw tab -t connections -s command. I think it goes without saying that you need to upgrade right away. Frank -----Original Message----- From: Hal Dorsman [mailto:[email protected]] Sent: Tuesday, August 12, 2003 12:55 PM To: [email protected] Subject: Re: [FW-1] Checkpoint 3.0b question 3.0b on Solaris 2.6? Have you considered upgrading? Hal > -----Original Message----- > From: Mayooran Pooranachandran [mailto:[email protected]] > Sent: Tuesday, August 12, 2003 9:47 AM > To: [email protected] > Subject: [FW-1] Checkpoint 3.0b question > > > Hello, > > > > I am sure this has been discussed many moons ago, but I > cannot seem to find > any resolution to the following problem. > > > > 2 weeks ago, we implemented Static NAT for 2 workstations on > the internal > network. Yesterday afternoon we started seeing the following on the > console: > > > > Aug 11 14:55:05 camelot unix: fw: halloc 72 bytes: memory exhausted > > Aug 11 14:55:05 camelot unix: fw: mem: Total: 1572864 Avail: > 50000 bytes > 1710085 > > alloc, 1686314 free, 1 reject > > Aug 11 14:55:05 camelot unix: fw_init_xlation_tables: ld_set > forward failed > > Aug 11 14:55:05 camelot unix: fw_xlate_forw: failed to initialize the > connection > > Aug 11 14:55:05 camelot unix: fw_init_xlation_tables: ld_set > forward failed > > Aug 11 14:55:05 camelot unix: fw_xlate_forw: failed to initialize the > connection > > > > I have increased the fwhmem to 0x3200000, but we still experience this > problem. > > > > Platform: Solaris 2.6 32MB of memory. > > Checkpoint: > > > > This is FireWall-1 Version 3.0b (12Aug2003 11:45:10) > > Type Expiration Ver Features > > 209.47.67.66 Never 3.x lcontrol pfm50 > > > > > > All help will be greatly appreciated. > > > > Thanks > > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|