Checkpoint VPN
-
I am using pfsense 1.0.1 with IPsec passthru enabled in the web gui. I am using checkpoint VPN (VPN-1 secure client R 56 Build no. 619) on my lan clients to connect to remote servers. My connections go through fine, but after a period (typically 15 mins to 1 hour), the VPN client disconnects.
I doubt if this is a Checkpoint client/server problem because if I connect through an alternate (FortiGate) gateway in my network, my connections never drop.
Can someone please help me troubleshoot the problem?
Thanks in advance.
-
sounds like some idle timeout. Have a look at the firewallstates for these connections (best viewed at the shell/ssh as you see the timeouts there). Do you see them timing out? If yes try to add some firewallrules for this traffic with higher state timeouts.
-
Hoba, thanks for suggestions!
I've already "set optimization conservative" through the webgui. None
of the other connections are dropping.Further, the VPN connection drops even when there is activity, so I
don't think it's an timeout issue. As you suggest, I will check out
the state table entries when the connection drops and report back.If you have successfully used a Checkpoint VPN client through a
pfSense gateway, I'd be very happy if you can share your configuration
with me.Screenshots of my config are posted here.
Thanks!!
-
I have not yet used a checkpoint client yet. :(
Oh, any chance you have a lifetime mismatch somewhere between the concentrator and the clients?