Re: [FW-1] NAT Hide Failure

Subject:	Re: [FW-1] NAT Hide Failure
From:	Reinhard Stich <r.stich AT INTERNET-SECURITY DOT AT>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 25 Oct 2006 19:01:35 +0200

hi,
try to split your internal net and unse more IPs for nat or reduce the session 
timeout.

br
reinhard

** My mobile email is powered by Nokia Mobile Email solutions **
** please 'reply-to-all' when answering... **


> -----Original Message-----
> From: Mailing list for discussion of Firewall-1 on behalf of Matheus Valença
> Received: Wed Oct 25 19:13:29 CEST 2006
> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Subject: [FW-1] NAT Hide Failure
> 
> Dear CheckPoint Gurus...
> 
>  
> 
> I have a NOKIA IP530 with IPSO 4.1 and CheckPoint R61 installed. This 
> firewall have 19 internal interfaces and 1 external interface with a /28 
> range of IPs.
> 
>  
> 
> The network of the users and some servers (/22), make NAT to internet in one 
> IP. Last night, this nat crashed and all the internet access from this 
> network stopped.
> 
>  
> 
> All others nat (1 to 1 for the web servers) did not stopped.
> 
>  
> 
> I received this message in the LOG;
> 
>  
> 
> DROP - "message_info: NAT Hide failure - there any currently no available 
> ports for hide operation"
> 
>  
> 
>  
> 
> I have no ideas of what could be happening, because the only solution that I 
> have in that hour (4:00am) was a reboot. Rsrsrs
> 
>  
> 
> TKS in advance...
> 
>  
> 
> Matheus Valença
> .T..Systems do Brasil 
> 
>  
> 
> 
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
> 
> 
> 
> 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] NAT Hide Failure, Matheus Valença Re: [FW-1] NAT Hide Failure, Sergio Alvarez Re: [FW-1] NAT Hide Failure, O'Flynn, Derek Re: [FW-1] NAT Hide Failure, Mark Elsen Re: [FW-1] NAT Hide Failure, Reinhard Stich <= Re: [FW-1] NAT Hide Failure, O'Flynn, Derek Re: [FW-1] NAT Hide Failure, Pedro Boavida

Previous by Date:	[FW-1] NAT Hide Failure, Matheus Valença
Next by Date:	Re: [FW-1] NAT Hide Failure, Pedro Boavida
Previous by Thread:	Re: [FW-1] NAT Hide Failure, Mark Elsen
Next by Thread:	Re: [FW-1] NAT Hide Failure, O'Flynn, Derek
Indexes:	[Date] [Thread] [Top] [All Lists]