- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- Re: Kerberos-TCP violation
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Kerberos-TCP violation
Hi All,
I have one edge gateway that is giving this 'Connection alert' when some traffic is routing through here. No other gateway is having this issue. I'm still in touch with TAC but they are saying it might be a Identity Awareness issue with Kerberos but our identity awareness is setup identical throughout all gateways. Has anyone run into this error before and can give some guidance on what else it might be? I've personally not seen this before.
Firewall - Protocol violation detected with protocol:(Kerberos-TCP), matched protocol sig_id:(2), violation sig_id:(4). (500)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You might try disabling the protocol signature for the Kerberos-TCP service.
This is done in the relevant service object in the Advanced section.
Curiously, the default Kerberos service (called Kerberos_v5_TCP in a default R81.20 installation) does not have this checked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would try what Phoneboy suggested, makes sense.
Andy
