?
Solved

Watchguard Freezing

Posted on 2009-04-09
3
Medium Priority
?
751 Views
Last Modified: 2013-11-16
We have a Watchguard Firebox X20e running firmware 10.2.7.  Behind that we have an Exchange server 2003.  There are about 10 computers in our office at any one time.  Most every day, Exchange mail stops and the only way to fix is to reboot the firewall.  Watching the log viewer on the firewall we see "deny out eth1 78 udp 20 128 10.0.0.26 10.0.0.255 137 137 (broadcast)" occurring multiple times per second.  This IP making the oubound request comes only from Vista computers.  This seems to be a network discovery service running, so our questions are

1. Why do vista machines pound the firewall with network discovery requests - Maybe 150 requests a minute/per computer?
2. Is that enough traffic over time to freeze up a firewall?
3. Any other ideas?
0
Comment
Question by:initialit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 12

Accepted Solution

by:
zvitam earned 1000 total points
ID: 24113992
I suggest you try to turn off (fully or partially) network discovery on the Vista machines, and see if it makes any difference.

reading the following article might also help you:

http://www.vistax64.com/tutorials/125639-network-discovery-turn-off.html

Zvitam,
0
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 1000 total points
ID: 24154514
Do you see any logs in WG when the box freezes. On X20e there is a limit of available NAT ports (8000 concurrent outbound sessions) which are consumed whenever any internal machine tried to access the internet. There is a possibility that the rogue machine sends so much traffic that all ports are consumed and rebooting frees the ports and brings the network back to normal.

As alerady suggested disable network discovery or if possible, remove the machine from the local network and observe if you still see the device freezing up.

Please update.

Thank you.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses
Course of the Month11 days, 16 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question