Not applicable
Created on 03-12-2004 03:15 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FG-60 Stops Passing Traffic
I' m at my wits end and I' m hoping you guys can help out with a problem that I' ve got.
We have deployed a couple of FG-60s and are now having problems with the devices. The first sign of trouble was when a client complained of not having Internet access (port 80). We were running MR-6 at the time. If I reset the device traffic would start to flow again. After this happened a couple of time, I called the support number for assistance. I was asked to upgrade to MR-7 which I did. We then started having occasional problems at the same client with POP3 access. Again, a reset on the device cleared the matter. Today, we experienced problems at our colo site (big problems here) with accepting POP3 traffice on an FG-60 with MR-6 installed.
It' s not like we' re lighting up the devices with activity but I cannot continue resetting the devices to get things going again. It appears that the device just stops accepting/forwarding traffic.
Does anyone have any ideas abou what' s happening?? I' m ready to pull the devices and install something that won' t fail in this manner. Any help is appreciated.
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
35 REPLIES 35
Not applicable
Created on 03-13-2004 02:48 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You’re not the only one that is getting pissed off with this. I was having major problems running 3 POP3 servers behind the firewall, service just stopped working. MR7 seemed to cure the problem but now my HTTP server is suffering…
We are being attacked all the time, I was using a Guardian firewall, this worked fine just had port routing limitations…
I am seriously considering in putting the Guardian back on line and using the Fortigate as a door stop…
Regards,
Kevin Vahn Gill
Ring Communications (UK) Ltd
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
Sorry to say this but I take comfort in knowing that I am not the only one…
Last night, (23:20) my HTTP server went off air and we started to get NetSky on internal mail…
The firewall had decided that I longer needed to scan SMTP for viruses and that I didn’t need a web server…
Back to Guardian and Total Virus Defence me thinks...
Regards,
Kevin…
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have had the same issues with a FGT-50 with MR6 with web traffic and when av scanning is enabled.. The kicker is that it only stops working at our client' s site after 2-4 days (they have very low use of the web).
If we disable AV.. all is fine. It sounds like a memory/session issue that the fortiCODERS need to clean up.
The only fix I can think of is going back to OS 2.36 (whichs needs to be tftp' ed)
Good luck.
[link=http://logMojo.com]logMojo[/link] by Security Confidence
Cloud Based - Logging â— Alerting â— Reporting â— Monitoring â— Management
Signup today!
[link=http://logMojo.com]logMojo[/link] by Security Confidence Cloud
Based - Logging â— Alerting â— Reporting â— Monitoring â— Management
Signup today!
Not applicable
Created on 03-14-2004 11:24 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
[Deleted by Admins]
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So, let me get this straight:
1. I should not use MR7 because it' s buggy
2. I need to disable all NIDS
3. I need to disable all AV scanning
Hmm, not much of a firewall is it? The only thing it' s doing is port-forwarding to a private internal network for security. Netgear, Linksys, et. al. provide this level of service at less than half the price!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
[Deleted by Admins]
Not applicable
Created on 03-15-2004 12:28 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
[Deleted by Admins]
Not applicable
Created on 03-15-2004 12:06 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
I will let you know how I get on with this but we are upgrading to a FG200...
Not quite the best solution to the problem (£££) but it may work...
Regards,
Kevin...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What gives you any level of confidence that moving to a 200 will solve this problem? It seems to me that there is a fundamental flaw in the scanning engines which can lead to ultimately losing HTTP/POP3/IMAP/whatever.