Had the same problem just a couple weeks ago. Indeed, Sonic does have limit
(2048) on how many simultaneous connections (read: high ports no.s) it uses
for PAT.
Turned out the problem was an SMTP daemon on a machine that was using PAT to
send outgoing mail. It services 300 users, sending mail instanteously when
requested by users. However, it would open a TCP connection to relay mail
for each message, not to mention doing POP mail collection from ISP.... all
using PAT. My mistake. The result: this one machine had the bulk of high
ports open, not many other ports available for users PAT sessions.
Solved the problem by making 1-1 NAT for this one machine (SMTP/POP only).
Problem is likely similar in that one or more hosts are taking up the bulk
of connections. Your Sonic logs should give you a clue...
-Shawn
-----Original Message-----
From: Eric Carr [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 18, 2000 3:01 AM
To: [EMAIL PROTECTED]
Subject: Sonicwall DMZ cache full?
Hi all,
For some reason, after about 2 days uptime, my Sonicwall DMZ log starts
filling up with "The cache is full; over 2048 simultaneous connections; some
will be dropped" error messages, which ofcourse makes our
connection-test-scripts flood us with error-report emails.
Has anyone got an idea why "the cache is filled up" ? The load on the
firewall is minimal at this time, but still..
I'm running firmware v5.0.0 (most recent)...
Regards,
Eric
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
