Firewall Wizards mailing list archives
Re: VPN Issue with Certs and fragmentation
From: "Robby Cauwerts" <robby () cauwerts be>
Date: Wed, 12 Sep 2007 09:05:44 +0200
On 9/11/07, Bell Simon (RBNA/CIT1.12) <Simon.Bell () us bosch com> wrote:
We occasionally have customers call in reporting that they're never prompted for credentials when attempting to connect to the VPN. This happens most often when they're at a hotel/public hotspot. However, if they use a profile based on a preshared key instead of a cert authentication, they connection works w/o issue. I've captured traffic off a failed user and it looks like during a cert auth IPSec tunnel there's a fair amount of packet fragmentation.
The fragmentation can be solved by using IKE over tcp. What type of vpn (vendor) are you using? Br. Robby
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VPN Issue with Certs and fragmentation Bell Simon (RBNA/CIT1.12) (Sep 11)
- Re: VPN Issue with Certs and fragmentation Robby Cauwerts (Sep 12)
- Re: VPN Issue with Certs and fragmentation Bell Simon (RBNA/CIT1.12) (Sep 13)
- <Possible follow-ups>
- Re: VPN Issue with Certs and fragmentation Bell Simon (RBNA/CIT1.12-Sbd) (Sep 26)
- Re: VPN Issue with Certs and fragmentation Robby Cauwerts (Sep 12)