I do recall that the Linux IP stack sends data in reverse. So if your buffering is disabled or if the buffers are small, the firewall will drop the packets before getting the headers containing source and destination.

I'll have to look it up in my PIX documentation; if you need more info I'll do that tomorrow. (Don't have it here.)

Hope it is something to start looking at.

Cheers

----- Original Message -----
Sent: Thursday, October 18, 2001 1:58 AM
Subject: Checkpoint issues with linux

Background.... I am putting Linux servers at different locations across the country. The customer is required to open ports 7000-8000 inbound and outbound for our proprietary client to communicate. It is encrypted FTP traffic. The normal test procedure is to telnet from a Windows laptop to port 7000 at our NOC. This works fine with the Windows box, but then fails with the Linux box. Same IP used for both.

The issue was repeated at a second location using Checkpoint FW. I don't use/own any Checkpoints so getting support is difficult.

The problem seems related to Linux and high ports (I am using 7000-8000) with Checkpoint FW; lower port ranges work fine. I have been able to telnet from our NOC to the target with Windows and Solaris, but not Linux.

Is there something that is missing in the Checkpoint config? Is this a known issue?

Jason Lewis
http://www.packetnexus.com
It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls