 | ||
 novell client and microsoft-ds | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-03-29 | |||
| |||
 novell client and microsoft-ds hello, if any of you is using novell-client on machines inside and wants to connect via microsoft-ds to a network separated by your firewall following registry setting on machines inside speeds up authentication. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\NetworkProvider\HwOrder] "ProviderOrder"="LanmanWorkstation,NetwareWorkstat ion,RDPNP,WebClient" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\NetworkProvider\Order] "ProviderOrder"="LanmanWorkstation,NetwareWorkstat ion,RDPNP,WebClient" by default the order is... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\NetworkProvider\HwOrder] "ProviderOrder"="NetwareWorkstation,RDPNP,LanmanWo rkstation,WebClient" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\NetworkProvider\Order] "ProviderOrder"="NetwareWorkstation,RDPNP,LanmanWo rkstation,WebClient" ...resulting in waiting about 40s after getting connected via microsoft-ds: Time Source Destination Protocol Info 0.000000 inside-ip dmz1-ip TCP 1051 > 524 [SYN] Seq=2908330968 Ack=0 Win=65535 Len=0 MSS=1460 2.963212 inside-ip dmz1-ip TCP 1051 > 524 [SYN] Seq=2908330968 Ack=0 Win=65535 Len=0 MSS=1460 8.978901 inside-ip dmz1-ip TCP 1051 > 524 [SYN] Seq=2908330968 Ack=0 Win=65535 Len=0 MSS=1460 21.011120 inside-ip dmz1-ip TCP 1052 > 524 [SYN] Seq=3905403438 Ack=0 Win=65535 Len=0 MSS=1460 24.072845 inside-ip dmz1-ip TCP 1052 > 524 [SYN] Seq=3905403438 Ack=0 Win=65535 Len=0 MSS=1460 30.088513 inside-ip dmz1-ip TCP 1052 > 524 [SYN] Seq=3905403438 Ack=0 Win=65535 Len=0 MSS=1460 42.121050 inside-ip dmz1-ip TCP 1053 > microsoft-ds [SYN] Seq=1840120185 Ack=0 Win=65535 Len=0 MSS=1460 42.121258 inside-ip dmz1-ip TCP 1054 > netbios-ssn [SYN] Seq=4082817932 Ack=0 Win=65535 Len=0 MSS=1460 42.121467 dmz1-ip inside-ip TCP microsoft-ds > 1053 [SYN, ACK] Seq=200689494 Ack=1840120186 Win=16384 Len=0 MSS=1460 42.121525 inside-ip dmz1-ip TCP 1053 > microsoft-ds [ACK] Seq=1840120186 Ack=200689495 Win=65535 Len=0 42.121675 inside-ip dmz1-ip SMB Negotiate Protocol Request 42.123387 dmz1-ip inside-ip SMB Negotiate Protocol Response 42.123784 inside-ip dmz1-ip SMB Session Setup AndX Request, NTLMSSP_NEGOTIATE 42.124914 dmz1-ip inside-ip SMB Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED 42.125176 inside-ip dmz1-ip SMB Session Setup AndX Request, NTLMSSP_AUTH, User: \ 42.128029 dmz1-ip inside-ip SMB Session Setup AndX Response 42.128158 inside-ip dmz1-ip SMB Tree Connect AndX Request, Path: \\dmz1-ip\IPC$ 42.129248 dmz1-ip inside-ip SMB Tree Connect AndX Response 42.129445 inside-ip dmz1-ip SMB Trans2 Request, GET_DFS_REFERRAL, File: \dmz1-ip\c$ 42.130398 dmz1-ip inside-ip SMB Trans2 Response, GET_DFS_REFERRAL, Error: STATUS_NO_SUCH_DEVICE 42.133426 inside-ip dmz1-ip SMB Session Setup AndX Request, NTLMSSP_NEGOTIATE 42.135187 dmz1-ip inside-ip SMB Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED 42.135669 inside-ip dmz1-ip SMB Session Setup AndX Request, NTLMSSP_AUTH, User: CP-REMOTE\administrator 42.138196 dmz1-ip inside-ip SMB Session Setup AndX Response 42.138348 inside-ip dmz1-ip SMB Tree Connect AndX Request, Path: \\dmz1-ip\C$ 42.139611 dmz1-ip inside-ip SMB Tree Connect AndX Response 42.339179 inside-ip dmz1-ip TCP 1053 > microsoft-ds [ACK] Seq=1840121789 Ack=200690861 Win=64169 Len=0 43.360840 inside-ip dmz1-ip SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: 43.363168 dmz1-ip inside-ip SMB Trans2 Response, QUERY_PATH_INFO 43.363495 inside-ip dmz1-ip SMB Trans2 Request, QUERY_FS_INFO, Query FS Volume Info 43.363754 dmz1-ip inside-ip SMB Trans2 Response, QUERY_FS_INFO 43.363810 inside-ip dmz1-ip SMB Trans2 Request, QUERY_FS_INFO, Query FS Attribute Info 43.365906 dmz1-ip inside-ip SMB Trans2 Response, QUERY_FS_INFO 43.366227 inside-ip dmz1-ip SMB Trans2 Request, QUERY_FS_INFO, Query FS Attribute Info 43.366473 dmz1-ip inside-ip SMB Trans2 Response, QUERY_FS_INFO 43.542232 inside-ip dmz1-ip TCP 1053 > microsoft-ds [ACK] Seq=1840122091 Ack=200691203 Win=65297 Len=0 after reordering the connection works fine - with a little defer (about 1 second) connecting to novell-fileserver. kind regards from innsbruck /oliver  |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
