it's not just ssh, also telnet, oracle, etc.
cheers
corne
> I have a situation where ssh connections from inside the fw dies some
> arbitrary time after they were started.
>
> Doing a sniff on the network (both sides of the fw) reveals
> the following:
> packets happily flow from the client to the server. At some
> stage the client
> sends another packet, at which point the server doesn't
> respond. This is the
> stage where the ssh connection is now dead. The client now
> sends a bunch of
> retransmits, thinking that the session is still up.
>
> After the session drops, I see dropped packets in the fw log,
> with the error
> "unknown established tcp packet". This would indicate that
> the fw no longer
> has an entry in its state table for that connection.
>
> But why would the connection disappear from the table? From a
> network sniff,
> there is no indication that a reset or fin is sent, or
> anything like that.
> It seems as if the fw is arbitrarily removing that connection.
>
> Any ideas?
>
> Regards
> Corne van Dyk
> Dimension Data: Network security engineer
> Tel: +27 21 659 2540
> Fax: +27 21 659 2101
> Helpdesk: +27 21 659 2112
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
