FTP problem - Raptor Solaris firewall and NT4 SP6 ftp servers

["Wildt, Bob" <WildtB () kochind com>]

I'm looking for anyone else that may be experiencing this problem or any
insight into it.

I have two Axent Raptor firewalls (v5.0.3 and v6.0.2 on Solaris 2.6) that
exhibit this problem.  FTP sessions initiated by the firewall to NT4 SP6
servers will often hang waiting for a data channel (port 20) FIN packet.  It
appears that the FIN packet is coming out of sequence when compared to a
successful command, which causes the session to hang.  The problem is
internittent but consistent.  It may fail on the 1st command of a session or
on a later command.  It almost always fails with 6 or 7 commands.

I have the problem only between my Raptor firewalls and NT4 service pack 6
servers (3 different NT servers so far).  One of our partners upgraded to
SP6 last weekend and ftp transfers that had been running flawlessly are now
hanging.  I don't know if this happens to all NT4 SP6 servers we connect to,
but it does seem to be a pattern.

I have been working with Axent support on this, but they are having trouble
recreating the problem.  If you can answer any of these questions, I would
appreciate a response.

1) Any other Axent Raptor users out there that are experiencing similar
problems?

2) Has anyone other than Raptor users had similar problems communicating
with NT4 SP6 servers?

3) Does anyone know of specific changes made in NT service pack 6 as
pertains to their TCP/IP stack?

Thanks.
- - - - - - - - - - 
Bob Wildt
UNIX and Mainframe Systems
Koch Industries Inc.
wildtb () kochind com
316-828-6970




_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards