You shouldn't have to modify the base.def file. This problem was fixed in NGX. Are your connections being dropped? If so, try creating an explicit rule that only allows sqlnet2 services.
Din -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of cisco4ng Sent: Friday, October 05, 2007 3:20 PM To: [email protected] Subject: [FW-1] sqlnet connection issue traversing the firewall I had issues with oracle sqlnet connections traversing the NG-AI R55 with HFA_20 SPLAT firewalls. I fixed the issue by modifying the $FWDIR/lib/base.def in the CMA according to Checkpoint sk19566, as follows: RECORD_DATA_CONN(dst,0,sr1,sr2,sr3, IS_ACCEPTED_A, 0x4a, 0, 0), Modification: RECORD_DATA_CONN(dst,0,sr1,sr2,sr3, IS_ACCEPTED_A, 0x4a, 86400, 0), ("86400" is the desired timeout in seconds) After upgrading to NGx R61, I run into the same issue again. I tried to modify the base.def but there is NO such parameter in the base.def. Does anyone know how to do this in NGx? Thanks. --------------------------------- Shape Yahoo! in your own image. Join our Network Research Panel today! ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
