1 - fw tab -t connections -s , look for the VALS and PEEKS 2 - you need license for this issue, if you got it or eval just switch on the cluster properties to work as active\active
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Edouard Zorrilla Sent: Thursday, October 18, 2007 13:28 PM To: [email protected] Subject: [FW-1] Througput problem in Firewall XL Hello Everybody, I am running a Firewall Cluster XL, just one node active the another one is in standby. The issue is the suddenly the Firewall started to drop packets by the SmartDefense since there were many connection which exceeded the number of connections per second permited (SmartDefense -> Network Quota option). The issue is that it doesn't seems to be one attack since all the connectios are valid ones, for my understanding the clients are asking more information than before since all the packes droped are going from the clients to the oracle server (port 1521/tcp). My question is: 1.- How can I measure or know the amount of concurrent connections at one specific time, maybe they are more than the 25000 which the default. ? 2.- How can I configure the cluster XL so that it can perform load balancing (both modules working) instead of active/standby (just one module working) feature. Thanks a lot for your time, Regards ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
