05-26-2001 12:52 AM - edited 03-08-2019 08:16 PM
Hi folk,
Any idea what the subject above on pix 5.1 does ?
Apparently I'm receiving a huge number of error messages pertaining to it:
fh_insertb: too many fragments(12) in set
If it's a security attack, how can i stop it ?
06-05-2001 07:06 AM
Which exact version of PIX are you running (5.1(x))? There was a bug in early 5.1 code you might be running into. If youre on 5.1(4) and you are still getting a lot of frags, the PIX is doing its job by blocking them. If you need to know about them, put a sniffer/analyzer on that wire and look at the fragments to learn whats going on.
11-16-2001 12:52 PM
Hi,
I am getting this same error, but only when I transmit packet from a UNIX enviornment to an NY enviorment. I am running 5.1(4). Any help would be appreciated.
11-27-2001 03:50 AM
Some Unix (Linux e.g.) transmit IP fragments in revers order. Fragmented Linux packets will not pass through the Pix with sysopt security fragguard enabled.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: