Re: Do Not Fragment Bit

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "Jens Baier" <jensbaier@xxxxxxxxxxxx>
Date: Mon, 8 May 2006 21:26:08 +0200

Hi,

I am using ISA 2004 and trying to reach a HTTPS web server on a remote
extranet. When the packets come from the server the "Do not fragment" bit
is
set, is there a way to tell the ISA server to ignore that and fragment the
packet

start ISA MMC navigate to General and click "Define IP Preference" and then
"ip-options"

regards Jens
www.nt-faq.e

.

Prev by Date: Re: 0xc0040017 FWX E TCP NOT SYN PACKET DROPPED
Next by Date: Re: Assigning Multiple IPs on Ecternal NIC (ISA 2004)
Previous by thread: Re: Unable to open FTP sites behind ISA 2004
Next by thread: ISA 2004 Multiple VPN Client, I can ping only 1 connected, not rest
Index(es):
- Date
- Thread

Relevant Pages

Re: Fwd: [IPv4 fragmentation --> The Rose Attack]
... Which limits such an attack to 800 packets overall and 16 fragments ... The first fragment is the ... > dropped at high packet rates if there aren't enough buffers allocated. ...
(freebsd-net)
Re: [PATCH 00/28] Swap over NFS -v16
... To do so we need to distinguish needed from unneeded packets; ... our state must not consume memory, ... a/ in caches, such as the fragment cache and the route cache ...
(Linux-Kernel)
RE: [Full-Disclosure] A new TCP/IP blind data injection technique ?
... > fragmented packets and there is NO option to change this. ... > firewall or connecting to any services out side the firewall with the ... The Cisco Pix has an IP fragment database. ... The information contained in this email and any attachments is ...
(Full-Disclosure)
Re: NAT vs Route checking
... capturing the packets on the ISA server on the external NIC, ... In both cases I see the ISA server external ... Understanding the ISA 2004 Access Rule Processing ...
(microsoft.public.isa.configuration)
Re: Kerio 2.1.5 vulnerability
... > |> So it seems any packet with the fragment bit set goes straight through ... > |> the firewall, and kerio only logs plain SYN packets. ... Nice one Kerio. ...
(comp.security.firewalls)