[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Linksys BEFSR41 or BEFVP41
I have
experienced one problem with the Linksys BEFVP41 in my testing that you may or
may not need to be aware of. The VPN set-up on the BEFVP41 allows for only
a single subnet to be defined for the Encryption Domain. If the Encryption
domain on your corporate firewall is made up of a group of separate subnets,
then multiple individual VPNs will need to be set-up on the Linksys, one for
each network in your company. In trying this however, I noticed that any
time I pushed a new policy to the firewall, the Linksys would complain about the
Encryption Domains for the various VPNs and the connections would go down until
either, a) the Linksys was restarted, b) someone manually disconnected and
reconnected the individual VPNs on the Linksys, or c) a new key was exchanged by
IKE due to the expiration of the current one, which by default occurs each
hour.
I do
not know if this problem would be experienced or not when the encryption domains
match exactly on the Linksys and Checkpoint.
Shawn
|