CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: Something weird issue with mssql connection

  1. #1
    Join Date
    2012-06-13
    Posts
    366
    Rep Power
    7

    Default Something weird issue with mssql connection

    Hello,

    I am facing kind of weird issue with MSSQL Server, I have this server which connect to SQL server on Internet on port 1433. Now here is the issue

    Somehow this server is not able to connect to External server
    1. If that server is on Internet dongle Outbound connection port 1433 works fine
    2. If the server put directly on Internet it works fine
    3. I tried Static NAT it does not work, Hide nat still same issue
    4. No drops nothing is observed on CP
    5. Disabled all bladed except FW same issue
    6. Even replaced the firewall and it WORKS
    7. fw ctl zdebug does not show any drops..


    I am complete clueless here..please advise.

  2. #2
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,218
    Rep Power
    13

    Default Re: Something weird issue with mssql connection

    You'll need to run a tcpdump on the firewall's external interface with -e filtered for port 1433 and arp. Is the port 1433 packet leaving? Was it NATted as expected? Is the firewall answering the proxy ARP request? Is the reply packet returning? Is the reply packet going to the correct MAC address of the firewall's external interface?

    If I had to take a wild guess, I'd say you have a single non-clustered firewall and it is not answering the proxy ARP request for the NAT IP address, because you have clustering inappropriately enabled in cpconfig.
    --
    Second Edition of my "Max Power" Firewall Book
    Now Available at http://www.maxpowerfirewalls.com

  3. #3
    Join Date
    2012-06-13
    Posts
    366
    Rep Power
    7

    Default Re: Something weird issue with mssql connection

    Quote Originally Posted by ShadowPeak.com View Post
    You'll need to run a tcpdump on the firewall's external interface with -e filtered for port 1433 and arp. Is the port 1433 packet leaving? Was it NATted as expected? Is the firewall answering the proxy ARP request? Is the reply packet returning? Is the reply packet going to the correct MAC address of the firewall's external interface?

    If I had to take a wild guess, I'd say you have a single non-clustered firewall and it is not answering the proxy ARP request for the NAT IP address, because you have clustering inappropriately enabled in cpconfig.
    Well I came to the conclusion and it is cent percent Windows server issue. I completely analysed using wireshark and it appears to be a local DNS issue. Though I am still looking at it.

    Thanks for the reply though.

Similar Threads

  1. Weird issue when using with DHCP and Wi-fi
    By blason in forum Firewall Blade
    Replies: 1
    Last Post: 2013-12-17, 17:59
  2. connection slow through the firewall (weird problem)
    By matus.cech in forum Firewall Blade
    Replies: 0
    Last Post: 2013-03-14, 22:51
  3. Weird Issue with Cluster XL
    By dub_boy2k in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 5
    Last Post: 2011-07-12, 22:25
  4. Weird Http issue
    By Spiky in forum Miscellaneous
    Replies: 5
    Last Post: 2010-08-12, 07:56
  5. Weird issue after R65 upgrade
    By brierw in forum Installing And Upgrading
    Replies: 2
    Last Post: 2009-01-27, 11:43

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •