Long intevals on phase I rekey on VPN

["Daniel Sichel" <daniels () ponderosatel com>]

We are currently struggling with SoftRemote VPN client software
connecting to a Sidewinder G2. The problem is the clients foul up the
phase one rekey process and drop the connection regularly. Needless to
say Citrix and the AS/400 don't thank me for that. I can set the phase I
rekey out pretty long and keep a connection up. My question is, am I
opening myself up to attack by doing this. The phase two rekey can be as
frequent as I like and not affect this, so I set those pretty low (rekey
often).

Let me know what you think.

Thanks, and Happy Hanukkah/Merry Christmas to all. 

Dan Sichel, Network Engineer
Ponderosa Telephone Company
(559) 868-6367

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html