Hi there,
I have Firewall-1 NG Feature Pack 2 installed on a Win2K Server.
Clients internally operate on a 10.0.0.X range - and the firewall has 2
interfaces - one Internal, one External.
Clients are hidden behind the firewall's external address - (This is
necessary due to the fact that we only have 1 usable IP address - and we
are not publishing any services to the Internet)
What I am seeing is as follows...
Client tries to telnet to an external server on a fictitious port, i.e.
www.ibm.com on port 1.
The client gets a connect.
i.e. Client issues SYN, receives SYN ACK, and then replies with an ACK - as a
result, the client thinks that it has a connection.
Having done some packet captures, I can see that Firewall-1 is actually
forging the SYN ACK - and (not surprisingly) www.ibm.com is not replying on
port 1 with a SYN ACK.
Firewall-1 is configured with SYNDefender turned off - both on the firewall
object and under the global properties.

Do you know if this is a bug - or have I mis-configured Firewall-1 / is
there a script file that can be edited?
Any feedback would be most appreciated...
Many Thanks...Rowland

Rowland Johnson
Network Consultant
[EMAIL PROTECTED]

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
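
The capture comparison described in the message above, as an added example that is not part of the original post: it takes TCP segments recorded on both firewall interfaces and lists server endpoints whose SYN-ACK was seen on the internal side but never on the external side. The record layout, interface labels and addresses are constructed for illustration; because hide NAT rewrites only the client side, flows are matched on the server address and port.

```python
from collections import namedtuple

# One TCP segment from a capture. "iface" is the firewall interface it was
# recorded on ("int" or "ext"); flags use S, SA, A. Layout is an assumption.
Seg = namedtuple("Seg", "iface src sport dst dport flags")

def unanswered_synacks(segments):
    """Return (server_ip, server_port) pairs whose SYN-ACK appears on the
    internal interface although none was seen on the external interface."""
    seen_ext = set()
    seen_int = []
    for s in segments:
        if s.flags != "SA":
            continue
        endpoint = (s.src, s.sport)  # a SYN-ACK's source is the server side
        if s.iface == "ext":
            seen_ext.add(endpoint)
        elif endpoint not in seen_int:
            seen_int.append(endpoint)
    # Internal SYN-ACKs with no external counterpart did not come from the server.
    return [e for e in seen_int if e not in seen_ext]

# Constructed sample: client 10.0.0.5 hidden behind 198.51.100.1,
# server 192.0.2.10 listening on port 80 but not on port 1.
SAMPLE = [
    # Port 1: the SYN leaves the external interface, nothing comes back,
    # yet the client still receives a SYN-ACK on the internal side.
    Seg("int", "10.0.0.5", 1025, "192.0.2.10", 1, "S"),
    Seg("ext", "198.51.100.1", 30001, "192.0.2.10", 1, "S"),
    Seg("int", "192.0.2.10", 1, "10.0.0.5", 1025, "SA"),
    Seg("int", "10.0.0.5", 1025, "192.0.2.10", 1, "A"),
    # Port 80: a genuine handshake visible on both interfaces.
    Seg("int", "10.0.0.5", 1026, "192.0.2.10", 80, "S"),
    Seg("ext", "198.51.100.1", 30002, "192.0.2.10", 80, "S"),
    Seg("ext", "192.0.2.10", 80, "198.51.100.1", 30002, "SA"),
    Seg("int", "192.0.2.10", 80, "10.0.0.5", 1026, "SA"),
    Seg("int", "10.0.0.5", 1026, "192.0.2.10", 80, "A"),
    Seg("ext", "198.51.100.1", 30002, "192.0.2.10", 80, "A"),
]

if __name__ == "__main__":
    for ip, port in unanswered_synacks(SAMPLE):
        print(f"SYN-ACK for {ip}:{port} seen only on the internal interface")
```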
