is concerned, the answer is "no".
My suggestion would be to look into Nortel Extranet Contivity Switch products. Features:
IPsec
PPTP
Time outs of 23 hours 59 minutes.
Ability of users to change their own passphrases.
Password aging.
Authentication:
User base
Using pass phrases of at least 16 chars.
Radius
Entrust Certificates
Ldap
Secure Remote as a product is a nice freebie from Checkpoint, but it
has some severe limitations, one of them
being this tcp time out issue.
Hope this helps.
merlin
Doug Schmidt wrote:
Hi,
I have called CP Support and also searched the Phonyboy FAQ's, but nothing.
CP Support told me to increase the TCP Session Timeout. Which has a max
setting of 6500 seconds ( ~2 hours) which is not long enough for our needs.We have our user LAN behind the FW. Some of our developers on this LAN, need
to have telnet/ssh connections
to some servers (outside the FW), While these connections are open, they run
some jobs, which can last anywhere
from minutes to many hours. In the case of a job lasting say 4-5 hours, this
would not be long enough, since the FW
will drop the TCP Session when it is not active.Is/are there any workarounds fixes to this problem? Any advise would be
great.Firewall Version 4.1 Build 41489 running on Slowaris 2.7
~D
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
-- Barry W. Kokotailo Senior Unix Systems Administrator 1-780-675-6399 PGP = 71 71 96 A3 C0 C2 23 7A 23 4E D4 04 8C E0 42 6B B0 2D D1 A5
