I've seen this myself on a Pro300. It is an issue in the sonicwall where they are over protective. Every time a fragmented packet crosses the sonicwall it logs it as a ping of death and drops it (I assume it drops it). I've talked to our regional sonicwall engineer and they said it is something they know about and are working on. You can set the Path MTU on your windows machine to be lower, try like 1440, to prevent packet fragmentation. You might also try messing with the MTU on the SonicWall, but I don't think that is where the problem is. Your right about the XP thing, as the customer we manage only has this problem with IP's associated with XP machines. It's something to do with XP fragmenting packets.
-Nathan >>-----Original Message----- >>From: Roger A. Grimes [mailto:[EMAIL PROTECTED] >>Sent: Monday, July 14, 2003 5:47 PM >>To: Darren Gragg; [EMAIL PROTECTED] >>Subject: Re: Ping of Dead on LAN >> >> >>I've installed dozens of Sonicwalls, and I can tell you that >>isn't a normal >>symptom. >> >>We need more details...when do the POD's happen...? As soon >>as the machine >>is turned on (before XP is loaded), all the time, >>randomly....give us more >>details. >> >>If I was you, I'd disable services and use netstat -ano to >>find out what >>service or program is generating the false-positive traffic (if it is >>false-positive traffic). >> >>Turn on SW's packet sniffing features and capture a few >>packets...and take a >>look. >> >>Roger >> >>----- Original Message ----- >>From: "Darren Gragg" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Sent: Monday, July 14, 2003 4:50 PM >>Subject: Ping of Dead on LAN >> >> >>> I have a problem that SonicWALL can't seem to figure out >>and I'm running >>out >>> of ideas myself. We have a main location where our DC is with our >>branches >>> connected via t-1 lines. Also at the main location is a >>SonicWALL pro >>200. >>> Each time I install a Windows XP Pro machine at our branch >>locations it >>> creates more and more Ping of Death Blocked entries in our >>firewall log. >>> Does anyone have any ideas? Any help would be great! >>> >>> Darren Gragg >>> CTO >>> >>> >>> >>-------------------------------------------------------------- >>------------ >>- >>> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by >>top analysts! >>> The Gartner Group just put Neoteris in the top of its Magic >>Quadrant, >>> while InStat has confirmed Neoteris as the leader in marketshare. >>> >>> Find out why, and see how you can get plug-n-play secure >>remote access in >>> about an hour, with no client, server changes, or ongoing >>maintenance. >>> >>> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm >>> >>-------------------------------------------------------------- >>------------ >>-- >>> >> >> >>-------------------------------------------------------------- >>------------- >>Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by >>top analysts! >>The Gartner Group just put Neoteris in the top of its Magic Quadrant, >>while InStat has confirmed Neoteris as the leader in marketshare. >> >>Find out why, and see how you can get plug-n-play secure >>remote access in >>about an hour, with no client, server changes, or ongoing maintenance. >> >>Visit us at: http://www.neoteris.com/promos/sf-6-9.htm >>-------------------------------------------------------------- >>-------------- >> >> --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
