Solved

Netscreen 5GT Resetting Connection??

Posted on 2006-11-01
4
658 Views
Last Modified: 2008-01-09
I installed our Netscreen firewall on Friday.  (Netscreen 5GT)  Since then I’ve been having some problems with the Internet connection not being quite right.  I would say 1 out of every 15 pageviews responds in a timeout.  Though a refresh usually does the job.  In firefox, this is the message I’m getting:

http://img519.imageshack.us/img519/3578/firefoxconnectionresetyq8.gif

As for Windows Messenger – it has been having serious problems too.

What could be my problem?  Could it be DNS?  Every time I try a ping or nslookup it works fine.  Could it be the full / half duplex stuff?  What else could be causing this?  For the most part the Internet works – but just sometimes it does not.

My settings:

Trust / Untrust Mode

External IPs:  A /28 pointing at this firewall.  A few MIPs pointing to internal servers on a specific network address.

Internal (192.168.1.1/32) which is set as the trust.  We’re using DHCP on this network from 192.168.1.100 to 192.168.1.150.

It’s my suspicion that it’s a NAT setting or something.  The computers on the MIPs don’t seem to have any issue.  (Thus, the computers that are not public in any way, or that are not doing DNS.)  The reason for the IP addresses and MIPs is for simple web hosting, etc.
0
Comment
Question by:rebies
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 1

Author Comment

by:rebies
ID: 17855092
To clarify

Internet <> DSL Modem <> Firewall <> Switch <> Internal Computers

Yes, most of the Internet works.  (HTTP, Mail, IM, etc)  But sometimes it's just not working.  The best example is the Firefox screenshot above.  In IE it's just a blank page sometimes.   People are signing in and out of MSN Instant Messanger all day.

So - for the most part it works.  But it's droping connections or just not allowing some randomly.  Yes, I have a policy set up that is From Trust to Untrust, any source, any destination, any service, action = Permit.
0
 
LVL 1

Author Comment

by:rebies
ID: 17855534
Antoher note that might help..??  In the Reports > Counters > Flow I see...

illegal pak 4304

I'm not exactly sure what this is or if this might indicate a problem.  But it is almost like the NetScreen is screening and droping some packets or not allowing them..
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 17868476
What kind of licensing do you have ?

Cheers,
Rajesh
0
 
LVL 1

Author Comment

by:rebies
ID: 18001392
Rajesh,

Question got the better of me.  Never figured it out.  Answer accepted for being the only one to help.

Andrew
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question