hi,
At 13:27 18.10.2007, you wrote:
Hello Everybody,
I am running a Firewall Cluster XL, just one node active the another
one is in standby. The issue is the suddenly the Firewall started to
drop packets by the SmartDefense since there were many connection
which exceeded the number of connections per second permited
(SmartDefense -> Network Quota option). The issue is that it doesn't
seems to be one attack since all the connectios are valid ones, for
my understanding the clients are asking more information than before
since all the packes droped are going from the clients to the oracle
server (port 1521/tcp).
My question is:
1.- How can I measure or know the amount of concurrent connections
at one specific time, maybe they are more than the 25000 which the default. ?
fw tab -t connections -s
but futher more you can have a look at the syslogs of your firewall -
you will see error-messages there if your table-buffers (session or
nat) are full.
2.- How can I configure the cluster XL so that it can perform load
balancing (both modules working) instead of active/standby (just one
module working) feature.
in the cluster-objekt you can change that.
fyi: for active-active clusterXL you need a license ...
br
reinhard
--
Reinhard Stich [EMAIL PROTECTED]
Internet Security AG, 1150 Wien, Johnstrasse 29
Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
