Re: [FW1] Once again: unknown wstablished tcp packets

Wed, 08 Aug 2001 06:19:22 -0700 


Hello Dan

In my case it happened so, that I did static nat for one machine.
I allowed allkinda packets to that machine, but had forgot to allow that
machine
to talk to outside world. I also got the same unknown established TCP packet
errors and the connections were all waiting to be finalized, but it all was
fixed
as soon as I allowed internal machine to communicate to external network.
After
that all cleared out and I was able to access that machine ...

Hope it helps...

Mario Kadastik
CCSA, CCSE
[EMAIL PROTECTED]
----- Original Message -----
From: "Dunn, Daniel, CTR, OSD-ATL" <[EMAIL PROTECTED]>
To: "FW-1 Mailing List Check (E-mail)"
<[EMAIL PROTECTED]>; "Fw1-Wizards (E-mail)"
<[EMAIL PROTECTED]>
Sent: Monday, August 06, 2001 4:49 PM
Subject: [FW1] Once again: unknown wstablished tcp packets


>
> I have to agree with other admins on the list: ever since installing SP4
for
> FW-1 V4.1, I've had a massive recurrence of the infamous 'reason: unknown
> established tcp packets' drop.  I went back and re-applied Phoneboys fix
for
> this problem, but it does not fix the problem.  Has anyone been able to
come
> up with a solution for this?  TIA.
>
> Cheers,
>
> Dan
>
> --------------------------------------------------------------------------
--
> -
> Daniel R. (Dan) Dunn, EE, CCSA/CCSE
> Principal INFOSEC Engineer, GRC Int'l (an AT&T company)
> OSD-ITD Firewall Administrator
> p: 703-614-8086, ext 500
> f: 703-693-3112
>
> The opinions expressed by the author are entirely his own, and do not
> reflect those of AT&T, GRCI, Inc., or their subsidiaries, nor do they
> reflect policy, opinion, or endorsement by the US Department of Defense or
> any of its agencies.
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to