Firewall Wizards mailing list archives

Re: VPN question


From: Dave Piscitello <dave () corecom com>
Date: Mon, 27 Nov 2006 18:51:31 -0500

possible -

my answer would have been terse:

"logging ike at debug level on the cisco would tell you a lot more than anyone on this list could"

Scott Pinzon wrote:
Just about everyone on this list is more qualified to answer than I am, but since I haven't seen any other replies, I'll take a stab at answering. I don't know about the Pix specifically, but many firewalls have a Phase 2 setting that forces key expiration after a specified period of time. This is to make sure the tunnel is not sitting idle for long periods, susceptible to being abused. The symptoms you describe would be consistent with one end of the VPN tunnel having a different key expiration timing than the other end of the tunnel. It could be that one end of the tunnel is forcing expiration, then the two ends auto-negotiate a new tunnel... which is why the tunnel is down for five or ten minutes, then comes back. Long story short, I'd try checking for compatible "force key expiration" settings on both ends of the tunnel.
Hope this helps!
Scott Pinzon, CISSP
WatchGuard Technologies

    ------------------------------------------------------------------------
    *From:* firewall-wizards-bounces () listserv icsalabs com
    [mailto:firewall-wizards-bounces () listserv icsalabs com] *On Behalf
    Of *Henderson, Bernadette
    *Sent:* Monday, November 20, 2006 1:00 PM
    *To:* firewall-wizards () listserv icsalabs com
    *Subject:* [fw-wiz] VPN question

    I have a home-grown network in my office for clients to use (outside of my work network). The problem is that the number of people using it is growing every time they come to my office; they work for about a month straight, then leave for 6 months. All of them want to connect back to their home office using the Microsoft built-in VPN client. They also now use a Pix firewall, which I have no knowledge of, but they do have a consultant who runs it for them. There are about ten users.

    The dilemma I have is that about every 18 hours they all get booted out of their VPN and say they can't get onto the Internet. It lasts about 5 to ten minutes, and about the time I get on the road to come in to see what's wrong, they are back up and running again. They are working night and day, weekends too...

    In my office I have a T1 going to a Cisco router, to a Linksys router for NAT, and then to an HP switch, then piped over to the port in the room to Netgear switchboxes at the conference room tables.

    My network guys say the T1 is fine, etc., etc. I can't really see much of anything from the Linksys. What should I be looking for to uncover what is booting them out and back up again so quickly? I called their tech guy to look at the firewall log and am waiting for feedback.

    Thanks in advance

    Bernadette

------------------------------------------------------------------------
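Added example, not from any message in this thread: a small Python diagnostic that follows Scott's suggestion of comparing the timing of the drops against the Phase 2 SA lifetime configured on each end. The outage log, the lifetime values and the peer names are constructed placeholders.

```python
from datetime import datetime
from statistics import median

# Constructed tunnel up/down log (syslog-style) as a monitoring host might keep it.
# Drops recur roughly every 18 h and last 5-10 min, like the symptoms in the thread.
OUTAGE_LOG = """\
2006-11-18T02:04:10 tunnel down
2006-11-18T02:11:40 tunnel up
2006-11-18T20:04:05 tunnel down
2006-11-18T20:10:50 tunnel up
2006-11-19T14:04:12 tunnel down
2006-11-19T14:09:30 tunnel up
"""

def parse_outages(log):
    """Pair each 'tunnel down' with the following 'tunnel up' -> [(down, up), ...]."""
    outages, start = [], None
    for line in log.splitlines():
        ts, _, event = line.partition(" ")
        t = datetime.fromisoformat(ts)
        if event == "tunnel down":
            start = t
        elif event == "tunnel up" and start is not None:
            outages.append((start, t))
            start = None
    return outages

def drop_period(outages):
    """Median seconds between consecutive drops; a stable value points at a timer."""
    downs = [d for d, _ in outages]
    gaps = [(b - a).total_seconds() for a, b in zip(downs, downs[1:])]
    return median(gaps) if gaps else None

def match_lifetime(period, lifetimes, tolerance=0.05):
    """Names of peers whose Phase 2 SA lifetime (seconds) lies within `tolerance`
    of the observed drop period. The peer with the shorter lifetime expires the
    SA first, so a match on one side only is the mismatch Scott describes."""
    return [name for name, life in lifetimes.items()
            if abs(life - period) <= tolerance * period]

if __name__ == "__main__":
    period = drop_period(parse_outages(OUTAGE_LOG))
    # Constructed settings: one side at 24 h, the other at 18 h (placeholder names).
    lifetimes = {"peer_a_lifetime_s": 86400, "peer_b_lifetime_s": 64800}
    print(f"drop period ~{period / 3600:.1f} h; matching: {match_lifetime(period, lifetimes)}")
```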

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
