Before I explain my problem, I'd like to give a bit of architecture overview. We are using MS Proxy to authenticate and restrict access to Internet services. We then allow the proxy to go through the firewall proxy those services. I also have a mail server that is in our internal network and a cvp server (NAV for Firewalls)in our private network.
The problem is, randomly several times a day, I see traffic from the proxy going directly to the firewalls internal NIC. The traffic gets dropped by rule 0 and logged with "uknown established tcp packet". Then the next few logs show traffic being stopped by syndefender. At the same time, I see SMTP traffic being rejected with the error "Unable to connect to the content security server". Once that happens the firewall gets hosed and requires a reboot to function properly again. Any ideas?? _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
