 | ||
 Server side packet of an old UDP connection -> Dropped Packets | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| | LinkBack | Thread Tools | Display Modes |
 2008-02-08 | |||
| |||
 Server side packet of an old UDP connection -> Dropped Packets Hi everyone, We've recently encountered an issue of OUT-OF-STATE UDP Packets on a number of our firewalls. Initially we didn't see anything in the logs, but after unchecking 'Drop OOS UDP Packets" and enabling LOG for that option in the global options, we can still see packets being dropped. We have tried increasing/decreasing the UDP Virtual Timeout settings with no affect. We were also advised by our vendor to change the fw_one_reply_from_any_port(false) to true in GUIDBEDIT, this made no affect either. I would really appreciate if anyone can help with this, we've been working on it for days. Origin: FW-1 Type: Log Action: Drop Protocol: udp Service: 28005 Source: xxxxxx Destination: xxxxxx Source Port: UDP_12080 (12080) Information: message_info: Server side packet of an old UDP connection The packets are from our BIGIP load balancer to our AAA boxes. Out of a range of 28000-28007, ports 28003 and 28005 are being dropped because of this. The rule in dashboard is source / dest / service ANY Any help is appreciated.  |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
