|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Bug found - NG-AI SecuRemote client - Authentication Timeout
I have posted a problem regarding Authentication Timeout not working on NG-AI. Client, Management and Gateway are all NG-AI. I thought that it was related to TCP timeout, but determined it was not after changing the timeout to two hours and my IKE_SA_table entry still showed 3 hours. My Authentication Timeout has always been set at 8 hours. I finally looked through my userc.c file and tried changing the expire time on a different site, which was set to 3 hours. That was the problem. My client has two sites configured; one which has an expire of 3 hours, and another managed by a different console, with and expire time of 8 hours. Even though I am connected to site B, it was finding the expire time for site A (which was listed first), and setting my phase 1 expiration to 3 hours, instead of 8. It should be aware of which site it is connected to, and use the appropriate global property for that site, but instead it used the first one it found. This would not be a problem if both sites were managed by the same console, because they would have the same global expiration. This is somewhat of an abnormal circumstance, but not unheard of. Hope this helps someone else. -Aaron ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
