[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Securemote VPN - SDL Login to a Windows 2000 Domain using Active Directory Services
Jim, I'm having the same problem. I am running NG HF2 on W2K SP2 with all of the security hotfixes (as of 10/01). I have yet to see a broadband user log into the domain with SDL in under 5 minutes. As a test, I'm going to connect my notebook to the public Internet side of the firewall and time how long it takes to log in from a 10Mbps ethernet connection. Kevin Palmer Granite Solutions -----Original Message----- From: Jim Laverty [mailto:[email protected]] Sent: Friday, October 19, 2001 11:30 AM To: [email protected] Subject: [FW-1] Securemote VPN - SDL Login to a Windows 2000 Domain using Active Directory Services Importance: High We have been using Securemote on Win2K clients to login to a Windows 2000 domain (non-mixed mode), running active directory services (ADS). We're using Nokia's 3.4.1 IPSO and FW-1 4.1 SP-5 (plus the latest SP-5 hotfix). Since I have installed SP-5 our login times over broadband connections has been about 8-12 minutes, we were seeing 2 minute logins. I've been on the phone with Nokia and now they say Checkpoint does not support Secure Domain Login (SDL) with Windows 2000 and ADS. Has anyone else gotten this to work on SP-5 and if so, have you see the performance hit? I'm running tcpdump (on the firewalls) and Sniffer Pro (on the ADS and client boxes). I'm seeing lots of fragmentation on the firewall, even with the modzap hack for fragmentation. Any suggestions are welcome. =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|