I have a customer employee on-site that needs to connect to their home network via Cisco 4.6 VPN client from our internal LAN. Our network uses a CheckPoint NG-AI firewall.
A connection to their network can be successfully established, but Cisco VPN Client statistics show the "discarded" packet count increasing at a much faster rate than sent/received. After 15-30 minutes, the Cisco client will disconnect with an Error 412: The remote peer is no longer responding.
CheckPoint logs show dropped packets with "UDP length error" messages with a source port of UDP-37892. I believe these packets are used for keep-alive status between the VPN client and remote host.
For troubleshooting purposes, ALL services/ports are open between the remote network and Cisco VPN client workstations.
Setting up a workstation outside the firewall maintains a persistent connection for up to 12 hours with minimal "discarded" packet counts.
Perhaps somebody has run into this situation themselves. Any direction on this would be appreciated.