[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] [FW1] Problems between firewalls when not encrypting.
I have two firewalls, one is an enterprise encryption center and the other is a vpn-1 module. I am having strange problems in that I have serious problems between them when not using encryption. the rule that I wouild like to use is just FW1 FW2 ANY ACCEPT --------------------------------------- FW2 FW1 ANY ACCEPT but for some reason, there is serious 'lag' when using no encryption. If I add FWZ encryption, it works perfectly. For example, without encryption, I telnet from FW1 to FW2 and execute an 'ls -l' in a large directory, it displays about 2/3 a page and stops, displays some more and then stops. If I go back and enable FWZ, it goes through perfectly. The firewalls are connected via a dedicated T1 Circuit as well as a T1 to the internet. I'm sorry if I haven't explained this well, it is so very confusing. Logic would dictate that no encryption would be faster and yield better performance. Testing that I have done: Firewall Loaded and FWZ Enabled: No noticible lag and all services work fine. Firewall Loaded and No Encryption: Noticible lag even in telnet and NFS does not work along with other services. Firewall not loaded and forwarding turned on: No noticible lag and all services work perfectly. Our platform is: AIX 4.3.3 running Firewall-1 4.1 SP5 (just installed SP5 today in hopes that it would fix this problem) Any help would be greatly appreciated. I can provide more details, but don't want to post too much info to the public forum. Joseph Voisin ENGEL Canada Inc. htp://www.engelmachinery.com [email protected]============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|