Hi Folks, I was hoping that there would be someone in the group that could
help me in verifying (shooting it full of holes is OK too...) a theory I
have in relation to a particular problem.
I have a Client to LAN VPN (Formerly the Altiga client/concentrator)
application running through a Checkpoint firewall - The connection is
established and the user is able to do their work - all is good. BUT, when
the customer goes out for coffee and comes back the connection to the server
is lost. The tunnel however is still however stays up. I can verify this via
the concentrators UI. Bringing down and re-establishing the tunnel brings
back full functionality.
The connection is being PAT'd. We've configured IPSec over UPD. Connections
through a PIX to the same server are working.
So, I'm thinking idle timer. I've found references to TCP-TIMEOUT at
phoneboy but not UDP.
Two questions; Can you configure idle timers for UPD ports? Is there a way
to determine if specific UPD mappings are being dropped?
Thank you,
Andy McDonald
P.S. I have no user docs, contacts at checkpoint and have poked around on
the web - I know how you guys don't like people who haven't done their home
work... :-)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
