Re: Weird problem with a Raptor.

From: S (sl7732@yahoo.com)
Date: 03/19/02 

From: S <sl7732@yahoo.com>
Date: Mon, 18 Mar 2002 23:33:17 GMT

I have seen a simular problem that was caused by bad configuration of a pair of
Raptor firewalls load balenced with Stonesofts Fullcluster, what was happening
was that as the load on firewall A neared overload, Fullcluster was trying to
move all connections over to firewall B which was of course dropping the
connections.
Check the BigIP configurations and check the amount of load on each web server
to see if BigIP is moving connections that are part of the same ssession.

Regards
SL
kevin wrote:

> Hello, I am troubleshooting a problem with a Raptor firewall.
>
> Quick background:
>
> We have a web site that is load balanced with a Big/Ip and in front of that
> is a Raptor firewall. The site is pretty graphic intensive and receives
> well over 20,000 hits a day. Other websites are behind the exact same
> firewall and Big/Ip yet the problem is not seen mostly I believe because the
> sites don't have anywhere near the amount of graphic content this site has.
>
> Problem:
>
> Graphics do not load correctly on remote computers. Some images won't load
> and when you refresh others won't and the ones that didn't load before will.
> Very weird. Sometimes you will receive an unable to connect error on the
> VIP.
>
> The Raptor is up to date with all latest hot-fixes and patches. After a
> firewall reboot the web site will load perfectly for a few hours then it
> begins doing the same thing. Has anyone ever seen this? Any ideas?
>
> Behind the firewall and between the two web servers and through a local VPN
> the problem never occurs, only after the firewall and BIG/IP are introduced.
>
> Thanks for any help.
>
> -kevin

Relevant Pages

  • Re: problem - maybe due to 3Com Wireless DSL router?
    ... Why does one of my PCs load web pages flawlessly whereas ... My router, via NAT, serves two computers. ... If I disable the router firewall, the downstairs PC continues to work ... so does the upstairs PC. ...
    (uk.telecom.broadband)
  • RE: 66 running processes?
    ... Win XP, a firewall and an AV and about seven background utilities, and with ... want it to load right from boot up, or could you take it off the load list ... Stopping programs you use loading early is only likely to make much ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Microsoft websites are inaccessible
    ... can not get well formed pages to load at msdn2.microsoft.com nor can I ... When did my firewall learn to discriminate? ... msdn2 using the search results... ... the router. ...
    (comp.security.firewalls)
  • Re: Microsoft websites are inaccessible
    ... clintonG wrote: ... I've heard all kinds of assumptions suggesting local cache problems to my firewall. ... A helpful guy finally responded stating he and others resolves similar problems by disabling dynamic DNS on the firewall but the Road Runner ISP requires dynamic DNS to be selected on the router. ... If you care to try to do a Google search such as the following and then try to load several pagefrom msdn2 using the search results... ...
    (comp.security.firewalls)
  • Raptor Firewall
    ... of port scanning their Raptor firewall crippled its ability ... IT Security Consultant, UK ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
Loading