[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Odd firewall behavior
Hello folks, Recently we went from a token ring environment to ethernet. This has caused to problems to become appear: 1. There are unusually long delays when logging in to a remote system using SecuRemote. The user is authenticated at the firewall, but from there to the remote host the wait can be anywhere from 5 to 20 minutes. The waters are muddied by the fact that a few users experience no timelags whatsoever. 2. When accessing secure sites (https), users are as likely as not to be able to reach the page at all. One user might not have a problem while another one does, and the situation could be reversed 5 minutes later. Both problems have been replicated on the token ring segment, but lags are shorter the problem is much less frequent. We put sniffers on either side of the firewall. What appears to be happenning is that the firewall will in some cases not accept fragmented packets (no rhyme nor reason for this). Needless to say, this situation is inconvenient and we'd like to correct it. Have any of you run across anything like this, and, if so, could you please share what you did to correct it? Thanks, Frank Frank Tirado Information Systems Security Program Manager USDA - Economic Research Service Phone(USA) ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|