Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
handiansudianto
Collaborator

DNS bad TCP

Hello,

 

We pointing DNS IP address for our VPN Pool IP to internal windows DNS server. When i check log on the windows dns server i got many warning 'The DNS server received a bad TCP-based DNS message from 10.103.254.6. The packet was rejected or ignored. The event data contains the DNS packet.'

IP 10.103.254.6 is our checkpoint.

 

 

0 Kudos
5 Replies
G_W_Albrecht
Legend
Legend

Has also been dicussed her without a solution: Internal DNS was flooded by bad TCP-based DNS from Check Point

CCSE CCTE CCSM SMB Specialist
0 Kudos
handiansudianto
Collaborator

on the sk 133313 there are 2 solution :

1. disable 'Log implied rules', i check this already disabled.

2. Change rad_kernel_domain_cache_refresh_interval  and rad_kernel_domain_cache_ip_success_lookup_timeout. What value is recommended for both parameters?

 

0 Kudos
Chris_Atkinson
Employee Employee
Employee

How does your version/JHF compare to that listed in the previous similar threads?

I see two SR's with similar symptoms but the cause was undetermined in each.

CCSM R77/R80/ELITE
0 Kudos
handiansudianto
Collaborator

i using version 81.10 with JHF 87

0 Kudos
the_rock
Legend
Legend

I would contact TAC about this, honestly. I checked support site and literally only things that show up are community posts and specifically one that @G_W_Albrecht pointed to.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events