Maybe I should just be quiet and listen - I was so fixated on the other discussion
(where the firewall is the endpoint), I missed that these were connections through
and not to the firewall.
Bill
cryptotech wrote:
> In the telnet process, the remote box will usually attempt to send an IDENT packet
> back to the sender. As this will appear to the firewall as an unsolicited IDENT
> query, it will be dropped. You can validate this by 1) looking in the log viewer
> for entries on the cleanup rule, 2) create a rule that says any externalnat-ip any
> drop.
>
> You should see the incoming ident package being dropped.
>
> Of course part of the problem is the DNS that the others have spoken of.
>
> BTW, you can deal with this problem if you create a rule that says any
> externalnat-ip ident reject.
>
> Cheers,
>
> [EMAIL PROTECTED] wrote:
>
> > Here's a problem that I've been wrestling with for the past three months.
> > When making an outbound TELNET or FTP connection, the client connects
> > immediately but doesn't receive a logon prompt till about 60 seconds
> > afterwards. At that point the users can login and everthing functions
> > properly.
> >
> > Any ideas?
> >
> > Damir Matanic
> > Chicago
> > >
> >
> > ================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ================================================================================
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
