We have a PIX (4.4) on which we see frequent "denied" TCP packets with
the same source/destination as a recently-torn-down legitimate
connection. First thought was that certain client machines had TCP
stacks with quirks involving TCP shutdown retransmissions -- but we
can't find a correlation between the logged denial and any particular
type of client machine. We've tried adjusting a few parameters (xlate
timeouts) on the PIX, to no avail. Any ideas?
Liudvikas Bukys
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
