[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] TCP_TIMEOUT, perhaps?

To: std@jax.org, fw-1-mailinglist@lists.us.checkpoint.com
Subject: Re: [FW1] TCP_TIMEOUT, perhaps?
From: Alain Mouilleron <amouilleron@europarl.eu.int>
Date: Wed, 01 Sep 1999 16:22:08 +0200


Hi,

I use to have something like that (but not on smtp) and it was my user timeout browser parameter which close the connection, not my fw.
In my case, my user were on microsoft and in the registry there is a timeout which you could modify and which is by default at 5 min.
Add the ReceiveTimeout DWORD value with a data value of <number of seconds>*1000 in the following registry key: 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings 

But, if you have the same pb with smtp, it might not be this pb.

Alain
>>> "Sashka T. Davis" <std@jax.org> 09/01/99 03:37pm >>>


HI!

Sorry if this has been discussed before.

I have default-deny security policy installed on the firewalled
host (Ultra 1, Solaris 2.6, FW-1, v.4, SP2).
Here is my problem:
I have default deny security policy installed and my internal users
have unrestricted accesses to outside services. My users occasionally
have their http or ftp transfers hanging at 99% and never finish.
The firewall doesn't recognize the packets that belong to already
approved and established outbound sessions so it rejects them.
The denials in the fwlog are registered as
in-bound requests, the service name usually is a large number,
the protocol is TCP, and the port number is usually
http or ftp, or smpt. Usually happens to transfers that take more
than 5 minutes.  So I though that TCP timeout might
be at fault and I increased the timeout to 1000 minutes. This didn't
change anything. I still have the problem.


Any clues?

TIA,
Sashka





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html 
================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Routing Problems
Next by Date: [FW1] Firewall log Switching Problem
Prev by thread: [FW1] TCP_TIMEOUT, perhaps?
Next by thread: Re: [FW1] Looking for answers!
Index(es):
- Date
- Thread