[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Weird issues with VPN / SecuRemote on NG FP1
- To: [email protected]
- Subject: Re: [FW-1] Weird issues with VPN / SecuRemote on NG FP1
- From: Hal Dorsman <[email protected]>
- Date: Wed, 4 Sep 2002 15:35:35 -0600
- Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-Index: AcJUJ0iOQjk4fJRmQiO0RDnIyD7x8wAE8x6A
- Thread-Topic: [FW-1] Weird issues with VPN / SecuRemote on NG FP1
> -----Original Message-----
> From: Thomas Nilsen [mailto:[email protected]]
> Sent: Wednesday, September 04, 2002 6:16 AM
> To: [email protected]
> Subject: [FW-1] Weird issues with VPN / SecuRemote on NG FP1
>
>
> All of a sudden, our FW1 box running on W2K has given us a bit of a
> headache...
>
> Citrix Metaframe access using SecuRemote no longer works when
> accessing it
My apologies if this is a stupid question, but why would you want to
run Citrix within a VPN tunnel? Citrix has built in encryption. With
a properly configured Citrix server you have access to all internal
services. Seems kinda like putting something in a Fed Ex envelope
then putting it in a box to mail parcel post.
comments anyone?
Hal
> from the Internet and/or ADSL type home offices, however it
> works fine from
> our RAS segment. When connecting to the Citrix server, the initial
> connection is successful, in that we get a black window. But the login
> prompt does not appear, and after a while a timeout error occurs.
>
> A second issue is that a VPN tunnel between two sites has
> stopped giving
> access to Outlook WEB access. What's so strange about this is
> that one can
> ping the OWA server, and one can retrieve simple web pages up
> to 1208 bytes.
> Anything more than that fails. The OWA server works fine from
> another VPN
> site. To another site where we run SAP GUI over VPN, the
> special SAP tool -
> niping (tcp ping tool) can send packets of up to 1390 bytes
> with success,
> 1391 and above fails.
>
> And to make the whole thing even more confusing: at the same
> site where
> niping fails, I am able to use the OWA server.
>
> I'm puzzled by this and can find no good reason for this to
> happen at all.
> The only common thing here seems to be that on certain apps
> and on certain
> VPN sites, packets over a certain size never gets to the
> receiver. Why??
>
> Anyone seen this before or have any suggestions. Can someone
> explain why
> this would happen at all?
>
> Best Regards,
> Thomas Nilsen
> Kverneland IT
> Tel: +47 51429463 <> Mob: +47 991 55 001
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================