• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 757
  • Last Modified:

Watchguard Freezing

We have a Watchguard Firebox X20e running firmware 10.2.7.  Behind that we have an Exchange server 2003.  There are about 10 computers in our office at any one time.  Most every day, Exchange mail stops and the only way to fix is to reboot the firewall.  Watching the log viewer on the firewall we see "deny out eth1 78 udp 20 128 10.0.0.26 10.0.0.255 137 137 (broadcast)" occurring multiple times per second.  This IP making the oubound request comes only from Vista computers.  This seems to be a network discovery service running, so our questions are

1. Why do vista machines pound the firewall with network discovery requests - Maybe 150 requests a minute/per computer?
2. Is that enough traffic over time to freeze up a firewall?
3. Any other ideas?
0
initialit
Asked:
initialit
2 Solutions
 
zvitamCommented:
I suggest you try to turn off (fully or partially) network discovery on the Vista machines, and see if it makes any difference.

reading the following article might also help you:

http://www.vistax64.com/tutorials/125639-network-discovery-turn-off.html

Zvitam,
0
 
dpk_walCommented:
Do you see any logs in WG when the box freezes. On X20e there is a limit of available NAT ports (8000 concurrent outbound sessions) which are consumed whenever any internal machine tried to access the internet. There is a possibility that the rogue machine sends so much traffic that all ports are consumed and rebooting frees the ports and brings the network back to normal.

As alerady suggested disable network discovery or if possible, remove the machine from the local network and observe if you still see the device freezing up.

Please update.

Thank you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now