We are running r65 HFA 60 on windows 2003 spk2 enforcement point.
I have a few proxy servers, one on a public network and couple on private networks. Sometime when I make a rule change and compile the rules, the port on the proxy server stops responding. I look in the logs and it says: “tcp packet out of state; Server to client packet of an old tcp connection tcp_flags RST-ACK. The proxy server uses port like 5345 or 8181 etc. This can happen for internal users going to proxy with public address or internal users going to different proxy on different internal ip. If I wait a few minutes and re-compile the rules, the port starts responding again. Not sure how to fix this? May recreate tcp port and just apply none instead of http? Thank for any suggestions. Thanks, rlocus Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
