NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] VPNs dying every hour



Nope, not yet.  I think I might now though.

-----Original Message-----
From: [email protected]
[mailto:[email protected]]
Sent: Tuesday, July 22, 2003 6:11 PM
To: [email protected]
Subject: Re: [FW-1] VPNs dying every hour

This topic has been discussed at least a few times on the list.  I thought I
remember one of the HFA's fixing it.  Have you applied any on top of
Hotfix-2?

-Aaron

-----Original Message-----
From: O'Brien, James [mailto:[email protected]]
Sent: Tuesday, July 22, 2003 2:41 PM
To: [email protected]
Subject: [FW-1] VPNs dying every hour


I have secureplatform, ng fp3 with hf2, and three VPNs that are always
active.  Every 55-60 minutes, the vpns all drop.  I get two noticeable
errors in the log:

'encryption fail reason: Packet is dropped because there is no valid SA'
'encryption failure: No response from peer'

I've been over every checkpoint article I can find, and have implemented all
of their recommendations including turning off aggressive mode, changing
firewall objects etc.  Has anyone seen this strange behavior before?  I
understand why the vpns break (no SA), but I don't know why it's doing it...
Based on the fact that all of my VPNs break at once, I'm fairly convinced
the problem is with my central firewall.  All of the remote vpn firewalls
are ng fp2 boxes.



=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.