Hi Jean-Christophe,
looks like you have a routing problem, we see the same whenever we have
asymmetric routing around the firewalls. In normal routing you can set this
behaviour where the response packets take different routes, that doesn't
work with a fw1 in the routing path.
Which is your default gateway on the host in the 192.168.103.0/24 network?
Looks like it is the 192.168.103.51. Set it to your router 192.168.103.52
and on that set the default gateway to your firewall.
When you initiate your terminal server session from 192.168.43.94 to
192.168.103.6, the syn packet goes to the router and then from the
interface 192.168.103.52 directly to the host 192.168.103.6, which sends
the syn-ack packet to the firewall 192.168.103.51. Now the fw1 finds a new
connection from 192.168.103.6 to 192.168.43.94 which doesn't start with a
syn packet and you get the drop and the log entry.
Kind regards
Thomas Seher
------------------------------------------------
DEKRA AG * Dept.: HE22
Tel.: ++49 711 7861 2600 * Fax: ++49 711 7861 2241
thomas.seher AT dekra DOT com * http://www.dekra.com
------------------------------------------------
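The packet walk described in the message above, as an added example that is not part of the original post: a simplified model of hop-by-hop routing with one stateful inspection point, not FireWall-1's actual implementation. The addresses are from the message; the node names, the router being directly attached to 192.168.43.0/24, and the firewall's own routes are assumptions.

```python
import ipaddress

# Addresses come from the post. Assumed: the router is directly attached to
# 192.168.43.0/24, and the firewall would reach that network via the router.
ADDR = {"client": "192.168.43.94", "server": "192.168.103.6",
        "firewall": "192.168.103.51", "router": "192.168.103.52"}

def tables(server_gw):
    """Per-node routing tables; server_gw is the server's default gateway."""
    lan = "192.168.103.0/24"
    return {
        "client":   {"0.0.0.0/0": "router"},
        "router":   {lan: None, "192.168.43.0/24": None, "0.0.0.0/0": "firewall"},
        "firewall": {lan: None, "0.0.0.0/0": "router"},
        "server":   {lan: None, "0.0.0.0/0": server_gw},
    }

def next_hop(routes, dst):
    """Longest-prefix match; None means the destination is directly connected."""
    ip = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(n) for n in routes]
    best = max((n for n in nets if ip in n), key=lambda n: n.prefixlen)
    return routes[str(best)]

def send(tbl, fw_state, src, dst, flags):
    """Forward one TCP segment hop by hop; return (transit nodes, verdict)."""
    node, hops = src, []
    for _ in range(8):  # hop limit guards against routing loops
        node = next_hop(tbl[node], ADDR[dst])
        if node is None:
            return hops, "delivered"
        hops.append(node)
        if node == "firewall":
            conn = frozenset((src, dst))
            if flags == "SYN":
                fw_state.add(conn)        # a SYN may open a new connection
            elif conn not in fw_state:
                return hops, "dropped"    # no state entry and not a SYN
    return hops, "loop"

def handshake(server_gw):
    """Run SYN then SYN-ACK with the given default gateway on the server."""
    tbl, fw_state = tables(server_gw), set()
    syn = send(tbl, fw_state, "client", "server", "SYN")
    synack = send(tbl, fw_state, "server", "client", "SYN-ACK")
    return syn, synack

if __name__ == "__main__":
    for gw in ("firewall", "router"):
        print(gw, handshake(gw))
```

Comparing the transit nodes of the two directions is the quick check for asymmetry: a stateful device that appears in only the return path never saw the SYN.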