Question : ICMP Fragmentation

I have a number of networks connected via VPN through Netscreen firewalls. On our head office firewall I get a number of alarms as below:

"ICMP fragment! From 10.1.10.14 to 192.168.11.8, proto 1 (zone Trust, int ethernet1). Occurred 1 times."

The packet is being sent from a Windows 2000(10.1.10.14) Server to a Windows XP client(192.168.11.8). These are coming through every few seconds. I have looked at adjusting the MTU size, but still get the error.

Is this the 2000 Server that's causing the alarm or should I be looking at the firewall? Any help would be appreciated.

Answer : ICMP Fragmentation

If there is only the firewall between these 2 boxes then yes, the fragmentation is happening in the firewall.

Second question, definitely NO. There is no such thing as stupid, you learn eventually. Not everybody knew everything when they are born :-)

Cheers,
Rajesh

Random Solutions

what does the TCP/IP submask perform

how to use port 80 in untangle

Why is it so bad to run a DC over a public namespace?

my e-mail rejects messages from friends

When seizing FSMO roles to a dead domain controller using ntdsutil.exe, what do I put in for transfer role?

Generating a CSR for an SSL certificate for IBM HTTP Server on iSeries

Sendmail - Relay SMTP