I have R65 hfa60 running on windows 2003. 4 interfaces, 2 internal and 1 dmz and external. Everything on this simple clone box works good.
I am testing with r71.1 SPLAT on a dell power edge 2950 two on board nic’s and intel pci express with 4 ethernet jacks. I am moving objects and policy with merge and it works well. Just setup everything like the r65 box. On the r71 box I just run IPS and shutdown everything else for now. Everything works on the r71 box as expected except a few connections routing across the two internal private ip subnets. I try to connect to http proxy on the other private subnet and it will work for a few minutes and then just stop working. When it stops, I’m still pinging the proxy, so interface is not dropping out. Routing seems to be good because other exchange traffic work and backups work fine across the link. If I try to connect to web app server across two private subnets, it will work and the just start causing odd java connects errors i.e. dropping out again, but I’m still ping that server the whole time. If I go back to r65 box everything is normal. Log’s show all connections and no drops. Only thing I saw in log was TCP SYN Modified retran’s, so I turned TCP SYN off with no help and then excluded both private subnets from ips and still doesn’t work. Both private subnets can go out the internet just fine and also access the dmz fine. Problem just seems to occur with http or https across the two private interfaces. Our exchange and domain communications seem to work normally across the two private interfaces. Any suggestions would be appreciated. thank, rlocus Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
