Solved

Watchguard Freezing

Posted on 2009-04-09
3
735 Views
Last Modified: 2013-11-16
We have a Watchguard Firebox X20e running firmware 10.2.7.  Behind that we have an Exchange server 2003.  There are about 10 computers in our office at any one time.  Most every day, Exchange mail stops and the only way to fix is to reboot the firewall.  Watching the log viewer on the firewall we see "deny out eth1 78 udp 20 128 10.0.0.26 10.0.0.255 137 137 (broadcast)" occurring multiple times per second.  This IP making the oubound request comes only from Vista computers.  This seems to be a network discovery service running, so our questions are

1. Why do vista machines pound the firewall with network discovery requests - Maybe 150 requests a minute/per computer?
2. Is that enough traffic over time to freeze up a firewall?
3. Any other ideas?
0
Comment
Question by:initialit
3 Comments
 
LVL 12

Accepted Solution

by:
zvitam earned 250 total points
ID: 24113992
I suggest you try to turn off (fully or partially) network discovery on the Vista machines, and see if it makes any difference.

reading the following article might also help you:

http://www.vistax64.com/tutorials/125639-network-discovery-turn-off.html

Zvitam,
0
 
LVL 32

Assisted Solution

by:dpk_wal
dpk_wal earned 250 total points
ID: 24154514
Do you see any logs in WG when the box freezes. On X20e there is a limit of available NAT ports (8000 concurrent outbound sessions) which are consumed whenever any internal machine tried to access the internet. There is a possibility that the rogue machine sends so much traffic that all ports are consumed and rebooting frees the ports and brings the network back to normal.

As alerady suggested disable network discovery or if possible, remove the machine from the local network and observe if you still see the device freezing up.

Please update.

Thank you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question