Re: [FW-1] SmartDefense DNS UDP Protocol Enforcement and BIND 9.2.1
- To: [EMAIL PROTECTED]
- Subject: Re: [FW-1] SmartDefense DNS UDP Protocol Enforcement and BIND 9.2.1
- From: Lars Troen <[EMAIL PROTECTED]>
- Date: Tue, 20 May 2003 22:36:37 +0200
- Reply-to: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]>
- Sender: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]>
- Thread-index: AcMe2k8tmOJelJHRToWVN2bvSZutrgANF1bA
- Thread-topic: [FW-1] SmartDefense DNS UDP Protocol Enforcement and BIND 9.2.1
> We are running FW-1 NG FP3 with SmartDefense. We just started implementing
> this configuration and I have noticed that if I turn on the SmartDefense
> DNS UDP Protocol Enforcement, my BIND 9.2.1 DNS servers behind the firewall
> can not perform recursive lookups.
>
> It would appear that the returned packets from the external DNS servers are
> getting dropped with SmartDefense claiming that it's "Badly Formed DNS".
>
> Any suggestions?
Maybe this is a similar issue to the one with Cisco PIX not handling DNS UDP requests >512 bytes, as EDNS0 allows larger DNS packets:
http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=cscds58726
Lars
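
The EDNS0 hypothesis in the reply above can be checked against DNS payloads captured on the outside of the firewall. The following is an added example, not part of the original thread and not Check Point or Cisco tooling: it parses a DNS message and reports whether it carries an EDNS0 OPT record and whether it exceeds the classic 512-byte UDP limit. The names `skip_name`, `edns_report` and `build_sample` are hypothetical, and the sample messages are constructed.

```python
import struct

LEGACY_UDP_LIMIT = 512  # RFC 1035 maximum DNS message size over UDP
TYPE_OPT = 41           # EDNS0 OPT pseudo-record type (RFC 6891)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:                 # root label ends the name
            return off + 1
        if (length & 0xC0) == 0xC0:     # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + length

def edns_report(msg):
    """Summarise the size-related properties of one DNS message."""
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4   # skip QTYPE and QCLASS
    udp_size = None
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == TYPE_OPT:
            udp_size = rclass           # OPT reuses CLASS as advertised UDP payload size
    return {"length": len(msg),
            "edns0": udp_size is not None,
            "advertised_udp_size": udp_size,
            "over_512": len(msg) > LEGACY_UDP_LIMIT}

def build_sample(rdata_len=0, edns_size=None):
    """Constructed sample message for example.com; not captured traffic."""
    an = 1 if rdata_len else 0
    ar = 1 if edns_size is not None else 0
    msg = struct.pack("!6H", 0x1234, 0x8180, 1, an, 0, ar)
    msg += b"\x07example\x03com\x00" + struct.pack("!HH", 16, 1)
    if an:  # one TXT answer with opaque filler as RDATA
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, 60, rdata_len) + b"x" * rdata_len
    if ar:  # OPT record: root name, type 41, class = UDP payload size
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_size, 0, 0)
    return msg

if __name__ == "__main__":
    for m in (build_sample(), build_sample(edns_size=4096), build_sample(600, 4096)):
        print(edns_report(m))
```

A message reported with `edns0` true or `over_512` true is the kind a 512-byte-only DNS inspection would reject, which is consistent with the hypothesis rather than proof of it.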