Just as previously reported (http://www.symantec.com/connect/forums/bug-report-...), we have also found that the firewall is incorrectly blocking certain UDP fragments. In our case, we had an 11,467 byte UDP datagram where the 4th fragment contained the bytes 0d d8 at offset 36. This matched a firewall rule blocking UDP traffic on remote port 3544 for "ipv6 over ipv4". This happened regardless of the port the UDP traffic was actually occuring over. Hopefully this posting will help someone else, as Scott's original posting was quite helpful for me. If anyone happens to know if a defect was opened at Symantec for this, it would be nice to know which version this is patched in.
Thanks!
Shaun Hey
Software Engineer, Retalix StoreLine
NCR Corporation