Strange problem with Firewalls

The problem described below happens with the following firewalls:

ZoneAlarm, Sygate Pro, Kerio 2.1.5, Kerio 4.2, Outpost

When I send a post or email from Outlook 2002 or Outlook Express, the above firewalls block the outgoing post/email. If I disable the firewall, I can send OK. I have NOD v2.5 installed. My system is XP Pro SP2, fully patched.

The really strange thing is that it only blocks the FIRST email/post I send. If I disable the firewall, send my 1st post/mail and then re-enable the firewall, all subsequent items can be sent with the firewall enabled.

Anyone any ideas?

Clive


Clive wrote:

Systems based on internal > of XP (*)? Sure: a very bad thing.

db

(*) I don't know very much about XP, but I suppose there exists a kind of cache that stores addresses (and maybe ports) that have just been used. A very, very bad thing if any.

Dominique Blas

Yes - I found this with Kerio 4.2 - didn't know it was common with other software firewalls too.

It's to do with the MTU packet size. If the number of characters in the email is greater than the MTU, it is split up into parts and sent in bits. It is rebuilt at the far end.

Windows XP has a default MTU of 1500, but some routers etc. on the route may only allow an MTU of 1420. When this happens the router requests a resend, with a smaller packet size.

The problem seems to be that the software firewall blocks this ICMP 'resend' request.

Do you operate through a hardware firewall as well as the software one? If you do, the solution is to set the MTU in the hardware firewall up to 1500. In my Netgear firewall, I had to change it from 1458 up to 1500.

If you are not connected through a hardware firewall, the only way out is to adjust the MTU that Windows XP is using. This is not easy, and means making a change in the Registry.

There is a software utility that allows this to be done easily, but I can't remember the name - try googling for "changing MTU"

Johnie.


Just found it! It's Dr TCP.

Johnie.
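
The message a router returns when a packet is larger than the next link's MTU and may not be fragmented is ICMP Destination Unreachable, type 3 code 4 (RFC 1191). As an added example (not code from this thread or from any of the firewalls named in it), the Python below parses such a message and accepts it only when it quotes a connection the host itself opened, which is the check a stateful firewall needs instead of dropping all inbound ICMP. The addresses, ports and function names are constructed for illustration.

```python
import socket
import struct

ICMP_DEST_UNREACH, CODE_FRAG_NEEDED = 3, 4  # RFC 792 / RFC 1191


def build_sample(next_hop_mtu, src, sport, dst, dport):
    """Constructed ICMP 'fragmentation needed' message (checksums left at 0)."""
    # Quoted original packet: 20-byte IPv4 header (DF set, proto TCP) + 8 bytes of TCP
    inner_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 1500, 1, 0x4000, 64, 6, 0,
                           socket.inet_aton(src), socket.inet_aton(dst))
    inner_l4 = struct.pack("!HHI", sport, dport, 0)
    icmp_hdr = struct.pack("!BBHHH", ICMP_DEST_UNREACH, CODE_FRAG_NEEDED, 0, 0, next_hop_mtu)
    return icmp_hdr + inner_ip + inner_l4


def parse_frag_needed(icmp):
    """Return details of a type 3 / code 4 message, or None for anything else."""
    if len(icmp) < 8 + 20 + 4:
        return None
    icmp_type, code, _csum, _unused, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (icmp_type, code) != (ICMP_DEST_UNREACH, CODE_FRAG_NEEDED):
        return None
    inner = icmp[8:]                      # header of the packet that was too big
    ihl = (inner[0] & 0x0F) * 4
    if ihl < 20 or len(inner) < ihl + 4:
        return None
    flags_frag, = struct.unpack("!H", inner[6:8])
    sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return {
        "next_hop_mtu": mtu,              # RFC 1191 puts it in bytes 6-7
        "df_set": bool(flags_frag & 0x4000),
        "proto": inner[9],
        "flow": (socket.inet_ntoa(inner[12:16]), sport,
                 socket.inet_ntoa(inner[16:20]), dport),
    }


def allow_inbound_icmp(icmp, outbound_flows):
    """Accept the error only if it quotes a packet from a flow this host opened."""
    info = parse_frag_needed(icmp)
    return info is not None and info["df_set"] and info["flow"] in outbound_flows


# Constructed scenario: host sends mail to an SMTP server; a router on the path has MTU 1420.
flows = {("192.0.2.10", 49152, "198.51.100.25", 25)}
msg = build_sample(1420, "192.0.2.10", 49152, "198.51.100.25", 25)
```
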
