Solved

Netscreen 5GT Resetting Connection??

Posted on 2006-11-01
4
649 Views
Last Modified: 2008-01-09
I installed our Netscreen firewall on Friday.  (Netscreen 5GT)  Since then I’ve been having some problems with the Internet connection not being quite right.  I would say 1 out of every 15 pageviews responds in a timeout.  Though a refresh usually does the job.  In firefox, this is the message I’m getting:

http://img519.imageshack.us/img519/3578/firefoxconnectionresetyq8.gif

As for Windows Messenger – it has been having serious problems too.

What could be my problem?  Could it be DNS?  Every time I try a ping or nslookup it works fine.  Could it be the full / half duplex stuff?  What else could be causing this?  For the most part the Internet works – but just sometimes it does not.

My settings:

Trust / Untrust Mode

External IPs:  A /28 pointing at this firewall.  A few MIPs pointing to internal servers on a specific network address.

Internal (192.168.1.1/32) which is set as the trust.  We’re using DHCP on this network from 192.168.1.100 to 192.168.1.150.

It’s my suspicion that it’s a NAT setting or something.  The computers on the MIPs don’t seem to have any issue.  (Thus, the computers that are not public in any way, or that are not doing DNS.)  The reason for the IP addresses and MIPs is for simple web hosting, etc.
0
Comment
Question by:rebies
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 1

Author Comment

by:rebies
ID: 17855092
To clarify

Internet <> DSL Modem <> Firewall <> Switch <> Internal Computers

Yes, most of the Internet works.  (HTTP, Mail, IM, etc)  But sometimes it's just not working.  The best example is the Firefox screenshot above.  In IE it's just a blank page sometimes.   People are signing in and out of MSN Instant Messanger all day.

So - for the most part it works.  But it's droping connections or just not allowing some randomly.  Yes, I have a policy set up that is From Trust to Untrust, any source, any destination, any service, action = Permit.
0
 
LVL 1

Author Comment

by:rebies
ID: 17855534
Antoher note that might help..??  In the Reports > Counters > Flow I see...

illegal pak 4304

I'm not exactly sure what this is or if this might indicate a problem.  But it is almost like the NetScreen is screening and droping some packets or not allowing them..
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 17868476
What kind of licensing do you have ?

Cheers,
Rajesh
0
 
LVL 1

Author Comment

by:rebies
ID: 18001392
Rajesh,

Question got the better of me.  Never figured it out.  Answer accepted for being the only one to help.

Andrew
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question