Re: [fw-wiz] VPN Issue with Certs and fragmentation

On 9/11/07, Bell Simon (RBNA/CIT1.12) <Simon.Bell@xxxxxxxxxxxx> wrote:

We occasionally have customers call in reporting that they're never
prompted for credentials when attempting to connect to the VPN. This
happens most often when they're at a hotel/public hotspot. However, if
they use a profile based on a preshared key instead of a cert
authentication, they connection works w/o issue. I've captured traffic
off a failed user and it looks like during a cert auth IPSec tunnel
there's a fair amount of packet fragmentation.

The fragmentation can be solved by using IKE over tcp.
What type of vpn (vendor) are you using?

firewall-wizards mailing list