[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] NG FP2 - SecureClient logging into the Policy Server
Hi, Could someone help me out please........ I'm currently running Checkpoint N.G FP2 and I've setup SecureClient using Connect & Office mode thus logging into the policy server and receiving an internal DHCP address from with the encryption domain...... It was all working fine and then a couple of weeks ago, I started getting error messages, such as "Tunnel Test Failed", "Failed to logon to Policy Server" and "Logon to policy server failed". The SecureClient is no longer logging into the policy server, but the connection still succeeded. Users could still login as if SecuRemote was running......... Looking through the checkpoint logs, I could see some drop traffic with the error message saying "TCP Sequence Validator dropped packet with invalid ACK number". Looking in the Global Properties under the Stateful Inspection tab and "TCP sequence verifier" the "Drop out of sequence packets" is already checked. If I uncheck this box and push the policy out. Users can now log into the policy server and down the policy and everything works. When I check the box again, it all stops. Does anyone have any ideas why this happened and how to fix this...... Also what's the impact if I leave this unchecked? Cheers Kalpesh "This email and any attachments is intended for the addressee only. It may contain confidential, proprietary or legally privileged information and any views or opinions presented are solely those of the author. If you are not the addressee you have received this e-mail in error. Please notify the sender by return e-mail and then destroy it. If you have received this e-mail in error, copying, printing, forwarding or dissemination of this e-mail is strictly prohibited. We virus scan all e-mails but are not responsible for any damage caused by a virus or alteration by a third party after it is sent. Website: http://www.kingston.com/europe Registered in England, No: 3643195 VAT No: GB 720 5258 60" ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|