Posted on 2009-04-09
We have a Watchguard Firebox X20e running firmware 10.2.7. Behind that we have an Exchange server 2003. There are about 10 computers in our office at any one time. Most every day, Exchange mail stops and the only way to fix is to reboot the firewall. Watching the log viewer on the firewall we see "deny out eth1 78 udp 20 128 10.0.0.26 10.0.0.255 137 137 (broadcast)" occurring multiple times per second. This IP making the oubound request comes only from Vista computers. This seems to be a network discovery service running, so our questions are
1. Why do vista machines pound the firewall with network discovery requests - Maybe 150 requests a minute/per computer?
2. Is that enough traffic over time to freeze up a firewall?
3. Any other ideas?