Re: [fw-wiz] VPN Issue with Certs and fragmentation
- From: "Robby Cauwerts" <robby@xxxxxxxxxxx>
- Date: Wed, 12 Sep 2007 09:05:44 +0200
On 9/11/07, Bell Simon (RBNA/CIT1.12) <Simon.Bell@xxxxxxxxxxxx> wrote:
We occasionally have customers call in reporting that they're never
prompted for credentials when attempting to connect to the VPN. This
happens most often when they're at a hotel/public hotspot. However, if
they use a profile based on a preshared key instead of a cert
authentication, they connection works w/o issue. I've captured traffic
off a failed user and it looks like during a cert auth IPSec tunnel
there's a fair amount of packet fragmentation.
The fragmentation can be solved by using IKE over tcp.
What type of vpn (vendor) are you using?
Br.
Robby
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] VPN Issue with Certs and fragmentation
- From: Bell Simon (RBNA/CIT1.12)
- Re: [fw-wiz] VPN Issue with Certs and fragmentation
- References:
- [fw-wiz] VPN Issue with Certs and fragmentation
- From: Bell Simon (RBNA/CIT1.12)
- [fw-wiz] VPN Issue with Certs and fragmentation
- Prev by Date: Re: [fw-wiz] Isolating internal servers behind firewalls
- Next by Date: [fw-wiz] PIX 501 to PIX 515 IPSec VPN failure, when the 515 already has a VPN
- Previous by thread: [fw-wiz] VPN Issue with Certs and fragmentation
- Next by thread: Re: [fw-wiz] VPN Issue with Certs and fragmentation
- Index(es):
Relevant Pages
|
