Was wondering if anyone has experienced similar problems:
FW1 ver 4.1 VIG license running on an E250/Solaris 2.6
Cisco 2600 series router running 11.3 with IPSec feature set
VPN configured with IKE/Preshared Secrets.
During periods of high traffic, the VPN stays up, that is, when the
SA expires, the firewall renegotiates gracefully.
However, during periods of low traffic, the Firewall does not re-
negotiate the SA and the VPN breaks down. The only fix is to
push the policy, thereby forcing the re-negotiation. I've played
around with the timeout values, with no avail. I've set up a box to
continually ping (generate traffic) with no avail.
I've got a ticket open with Checkpoint and am anxioulsly awaiting
their review of my router config and fwinfo's. Just thought I'd ping
this issue off the mailing list to see if anyone else has seen this
problem.
--------------------------------
Brian Koref
Project Leader, Security Practice Group
Conxion Corporation
4201 Burton Dr.
Santa Clara, CA 95054
(408) 566-8571
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
