Re: [fw-wiz] VPN Issue with Certs and fragmentation



On 9/11/07, Bell Simon (RBNA/CIT1.12) <Simon.Bell@xxxxxxxxxxxx> wrote:

We occasionally have customers call in reporting that they're never
prompted for credentials when attempting to connect to the VPN. This
happens most often when they're at a hotel/public hotspot. However, if
they use a profile based on a preshared key instead of a cert
authentication, they connection works w/o issue. I've captured traffic
off a failed user and it looks like during a cert auth IPSec tunnel
there's a fair amount of packet fragmentation.



The fragmentation can be solved by using IKE over tcp.
What type of vpn (vendor) are you using?

Br.
Robby
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards