| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Odd firewall behavior
Hello folks,
Recently we went from a token ring environment to ethernet. This
has caused to problems to become appear:
1. There are unusually long delays when logging in to a remote
system using SecuRemote. The user is authenticated at the firewall,
but from there to the remote host the wait can be anywhere from 5 to
20 minutes. The waters are muddied by the fact that a few users
experience no timelags whatsoever.
2. When accessing secure sites (https), users are as likely as not
to be able to reach the page at all. One user might not have a
problem while another one does, and the situation could be reversed 5
minutes later.
Both problems have been replicated on the token ring segment, but
lags are shorter the problem is much less frequent.
We put sniffers on either side of the firewall. What appears to be
happenning is that the firewall will in some cases not accept
fragmented packets (no rhyme nor reason for this).
Needless to say, this situation is inconvenient and we'd like to
correct it. Have any of you run across anything like this, and, if
so, could you please share what you did to correct it?
Thanks,
Frank
Frank Tirado
Information Systems Security Program Manager
USDA - Economic Research Service
Phone(USA)
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
