[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Secure Remote doesn't perform authentication
I have fought the same problem. Here is what I have learned. 1. Drop any domain objects in objects.C Even though the domain objects had nothing to do with my securemote rules, they killed FW performance such that the IKE process did not get enough resources to run. You can confirm the interaction by tcpdump .... port 500 or snoop -d ... port 500 You will see the client connecting, but the FW is slow/never answers 2. fwhmem The default fwhmem has been too small in my environment. One cause may have been the domain objects. Making fwhmem bigger improved VPN 3. If linksys, LATEST firmware, then enable IPSEC pass through 4. If any wireless LAN, LATEST firmware. One vendor had problem with MTU sizes and assembling packets. greg
-- _______________________________________________________________ Greg Polanski mailto:[email protected] ADC Telecommunications, IncMSFAX PO Box 1cell/pager Minneapolis, MN [email protected] _______________________________________________________________ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|