It could be associated with the TCP time setting in Global properties. We had a similar problem with an internal machine. We found out that the box had a duplex mismatch that caused TCP sessions to have the appearance of timing out.
Kevin Butters Security Engineer PGP Fingerprint 4226 609A 0CFB 6AAC E66C AC71 DD9F 86E2 535C 0635 -----Original Message----- From: NG, Alfred [mailto:[EMAIL PROTECTED] Sent: Friday, April 04, 2003 5:05 PM To: [EMAIL PROTECTED] Subject: [FW-1] TCP packet out of state rule 0 Hi everyone, In the past there has been some postings of issues with TCP out of state packets. I've noticed over the past few weeks that the firewall has been dropping packets with a message information of: th_flags: 4 message_info: TCP packet out of state I was wondering if this is normal for this to happen as we have a web-based application which people are accessing from the outside over https (port 443). I was wondering what possible causes would be for the web sessions to time-out and whether this would be associated with all the "TCP packet out of state" packets which are being dropped. The dropped packets are outbound from our load-balanced webservers to the clients on the internet. I have also checked system times on the SUN servers and firewalls loadbalancers. There was a time difference with the webservers, firewall, and loadbalancers. Would this affect TCP packets and cause TCP out of state packets to be dropped in Checkpoint? Sincerely, Alfred Ng Information Management Technology Alberta Pensions Administration 3rd Flr, Park Plaza, 10611 - 98 Ave Tel: (780)427-1386 Fax: (780)425-6245 E-Mail: [EMAIL PROTECTED] Web site: www.apaco.ab.ca NOTE: THIS MESSAGE IS INTENDED ONLY FOR THE ADDRESSEE, IT MAY CONTAIN PRIVILEGED OR CONFIDENTIAL INFORMATION. If you are not the intended recipient of this message, you should not: read it, distribute it, copy it or take any action in reliance on the content of this communication. If you have received this communication in error, please notify us at once by reply E-mail, then permanently delete the original, your reply and destroy any copy or printout. ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
