Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] "violated unidirectional connection" drops

from Ray Pesek [Permanent Link]
Subject: Re: [FW-1] "violated unidirectional connection" drops
From: Ray Pesek <sixsigma44 AT HOTMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Mon, 29 Mar 2004 18:58:51 -0500 
Fixed. In Policy/Global Properties/Stateful Inspection, we had to check
"Accept stateful UDP replies for unknown services."

Ray


From: Ray Pesek <sixsigma44 AT HOTMAIL DOT COM>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] "violated unidirectional connection" drops
Date: Mon, 29 Mar 2004 12:00:48 -0500

On NG AI R55 HFA02 I'm seeing lots of "message_info: Violated
unidirectional
connection" drops. They occur on my remote clients trying to talk to the
Ghost console, the remote clients trying to talk to the Symantec console
and
internal people trying to access Citrix applications on external sites.

The Citrix drops started occuring after we went from HFA01 to HFA02. From
the spotchedk, they are all on UDP.

Any thoughts or advice is greatly appreciated.

Ray

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar ? get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


_________________________________________________________________
Check out MSN PC Safety & Security to help ensure your PC is protected and
safe. http://specials.msn.com/msn/security.asp

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] New Open SSL Vulnerability, Ray Pesek
Next by Date:  Re: [FW-1] Next version of Checkpoint firewall, Ray Pesek
Previous by Thread:  [FW-1] "violated unidirectional connection" drops, Ray Pesek
Next by Thread:  [FW-1] Clientless VPN, Shoval Tomer
Indexes:  [Date] [Thread] [Top] [All Lists]