Re: [FW-1] Urgent help needed. NGx R61 with HFA

Subject:	Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC
From:	cisco4ng <cisco4ng AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 30 Oct 2006 12:17:16 -0800

Hi Jason,
  
  I already apply the patch and I will reboot the win2k3 server this eveing.  
Will let
  you know this evening.  
  
  I am curious.  Is Checkpoint aware of this issue?  If so, what is checkpoint 
  planned on doing anything about this?  Like you said, I applied the latest 
  checkpoint HFA_01 on NGx R61 but I still have issues.
  
  By the way, it is good to hear from you again.  Thanks.
  
  cisco4ng

chkp tech <chkptech AT GMAIL DOT COM> wrote:  I've been at a client site for 
the past couple weeks, and the infrastructure
team came over to me and had the exact same problem.  They asked me to look
at it, and I could see that dcerpc traffic was being dropped.

You can verify this traffic is being dropped by something other than the
rulebase by performing the following command:

fw ctl zdebug drop > debug.drop

Now try to join the machine to the domain or replicate data, to get some
drops, and then open the file.  If the packets are being dropped due to the
rule base, the reason will be:  rulebase drop.

When Windows 2003 Service Pack 1 machines would try to either join the
domain or replicate AD data across the forest, we would see drops and other
weirdness.

We upgraded the clusters to the latest patches and still saw the problems.

We finally contacted Microsoft for the patch listed in
http://support.microsoft.com/kb/899148 and this resolved the issue.  Another
workaround was to pull Service Pack 1 off of the machines, but I don't think
this is a legitimate solution ;)

Jason


On 10/30/06, pkc_mls 
 wrote:
>
> cisco4ng a écrit :
> > hi,
> >
> > Thanks for the link.  However, when I look under
> > HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\
> > I do not see Rpc subkey.  The sk seems to imply that the sub key is
> already
> > there.  Furthermore, my windows Enterprise 2003 server is an AD server.
> >
> > Anymore ideas?  thanks.
> >
> if you have an access to the secureknoledge, you can search for dcerpc.def
> .
> otherwise, try the same search in the mailing list archive
> (msgs.securepoint.com allows you to search
> through the archives).
> > cisco4ng
> >
> > pkc_mls 
 wrote: >
> http://support.microsoft.com/kb/899148/fr
> >
> > remove the /fr for the same infos not in french.
> >
> > (quite hard on monday morning ... )
> >
> >> I never tried this, but I hope this'll work for you.
> >>
> >>>   cisco4ng
> >>>
> >>>
> >
> >
> >
> >
> >
> >
> >
> ___________________________________________________________________________
> > Découvrez une nouvelle façon d'obtenir des réponses à toutes vos
> questions !
> > Profitez des connaissances, des opinions et des expériences des
> internautes sur Yahoo! Questions/Réponses
> > http://fr.answers.yahoo.com
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
> >
> >
> > ---------------------------------
> > Low, Low, Low Rates! Check out Yahoo! Messenger's cheap  PC-to-Phone
> call rates.
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
> >
>
>
>
>
>
>
>
> ___________________________________________________________________________
> Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions
> !
> Profitez des connaissances, des opinions et des expériences des
> internautes sur Yahoo! Questions/Réponses
> http://fr.answers.yahoo.com
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================




 
---------------------------------
 Check out the New Yahoo! Mail - Fire up a more powerful email and get things 
done faster. 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, cisco4ng Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, Gary Scott Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, Hugo van der Kooij Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, pkc_mls Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, pkc_mls Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, cisco4ng Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, pkc_mls Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, chkp tech Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, cisco4ng <= Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, cisco4ng

Previous by Date:	Re: [FW-1] Odd problem with SmartDashboard NGX R61., Mark Elsen
Next by Date:	Re: [FW-1] SmartCenter password (Was: Cluster upgrade and SecureClient), Michael J. Semaniuk
Previous by Thread:	Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, chkp tech
Next by Thread:	Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC, cisco4ng
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: [FW-1] Urgent help needed. NGx R61 with HFA_01 and Microsoft DCE-RPC