If you log in to the firewall you can run:

    fw tab -t connections -s

    HOST       NAME         ID    #VALS  #PEAK  #SLINKS
    localhost  connections  8158  11204  19925  42284

In the example above, the connection table has 11204 entries at that moment,
and the highest ever seen was 19924.
However, whenever the firewall is rebooted this number is cleared.
If you suspect the firewall is maxing out connections, you should
probably set up to graph the connection table size over time. Graphing
other metrics like CPU, Memory usage, and network interface usage, is
not a bad idea.
a bv vbavbal...@gmail.com wrote:
The maximum concurrent connections parameter says 96000, while at work times
I mostly see 9000 or some other number of connections at most in
SmartView Monitor.
regards
2013/6/4 Independent IT Consultant itsec.itcons...@gmail.com
Check that you're not filling the connection table (under the gateway
properties look in capacity optimization) -- the problem description has
all the classic earmarks of it. I'd wager that the gateway is still
configured with the default 25K connections.
On Tue, Jun 4, 2013 at 2:56 AM, a bv vbavbal...@gmail.com wrote:
Hi,
On an R70 SPLAT standalone environment, the near time cases:
1. People/clients started to be unable to resolve DNS addresses from the
enterprise. It's said that no change or anything else was done at the
internal DNS servers, but I'm not sure.
2. 2 weeks after the below case, it's reported that at night the enterprise's
internet connection was gone for an hour (there is a network graph shown to
me), and again it's said that after rebooting the firewall all started to
work well. And when I look at the firewall's /var/log/messages I saw only the
reboot information, and before it there were regular messages (of which the
most unwanted is log buffer full, for which I increased the buffer size many
times). And I only saw 4 minutes of log traffic interruption in SmartView
Tracker, which doesn't match the 1 hour thing.
I had these issues before; sometimes servers that don't give service both to
LAN and outside, at that time the firewall is blamed. Restart the firewall,
look how it will be fixed, and mostly it does (while no weird log occurs in
/var/log/messages, IPS etc.), and people love to say that the firewall has
problems or something triggers it, but I can't see any clue or track about it.
Adding the motivation that people like saying the firewall has problems,
let's give this to person B etc. etc., things are boring.
I also want to upgrade it and make a cluster for gaining performance, a new
version etc., but it's a budget, time and approval/human issue, and this
upgrade won't guarantee that (whatever the reason is) these kinds of
situations/interrupts will occur (especially some bad guys are doing
something which I couldn't figure out).
I like to have your opinions and advice
Regards
--
David DeSimone == Network Admin == f...@verio.net
I don't like spinach, and I'm glad I don't, because if I
liked it I'd eat it, and I just hate it. -- Clarence Darrow
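
One way to collect the samples for the graph suggested in the reply above, as an added example that is not part of the original thread: a shell function that parses the `fw tab -t connections -s` summary and emits one CSV line per sample. The function names, the CSV layout, the `WARN_PCT` threshold and the limit passed by the caller are assumptions; the sample input is the output quoted in the thread with its column spacing restored.

```shell
#!/bin/sh
# Added example: turn `fw tab -t connections -s` output into a CSV sample.
# On the gateway (assumed usage, e.g. from cron every minute):
#   fw tab -t connections -s | conn_sample 25000 >> /var/log/conn_table.csv

WARN_PCT=${WARN_PCT:-80}   # assumed warning threshold, percent of the limit

# Read the summary on stdin, print "VALS PEAK"; fail if no usable row exists.
parse_conn_summary() {
    awk '$2 == "connections" && $4 ~ /^[0-9]+$/ && $5 ~ /^[0-9]+$/ {
             print $4, $5; found = 1
         }
         END { exit found ? 0 : 1 }'
}

# conn_sample LIMIT [EPOCH]
# Prints "epoch,vals,peak,pct,status". Returns 2 on bad limit or bad input.
conn_sample() {
    limit=$1
    ts=${2:-$(date +%s)}
    case $limit in
        ''|*[!0-9]*|0) echo "bad limit: $limit" >&2; return 2 ;;
    esac
    parsed=$(parse_conn_summary) || { echo "no connections row" >&2; return 2; }
    set -- $parsed
    vals=$1
    peak=$2
    pct=$(( vals * 100 / limit ))
    if [ "$peak" -ge "$limit" ]; then
        # #PEAK is the high-water mark since the last reboot: the table
        # reached the limit at some point, even if #VALS is low right now.
        status=peak_at_limit
    elif [ "$pct" -ge "$WARN_PCT" ]; then
        status=warn
    else
        status=ok
    fi
    echo "$ts,$vals,$peak,$pct,$status"
}

# Sample taken from the thread (spacing restored), checked against 25000.
SAMPLE='HOST       NAME         ID    #VALS  #PEAK  #SLINKS
localhost  connections  8158  11204  19925  42284'
printf '%s\n' "$SAMPLE" | conn_sample 25000
```

Because #PEAK resets on reboot, sampling it before any restart is what shows whether the table ever reached the configured limit.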