[vpn-help] Checkpoint Edge 8.0.36x 15 min VPN timeout issue

Chris Martin cmartin at sjutech.com
Thu Apr 8 15:39:34 CDT 2010


I have been testing the Shrew VPN on Windows Vista 64 bit and the VPN
works great for 15 Min then it stops passing the Traffic between the
Client and the Checkpoint Embedded VPN.

 

Any ideas as to why the VPN client will connect work for 15 min then
stay connected to the tunnel but stop sending the packets encrypted
every 15 min?

 

 

This is what Checkpoint thinks may be the issue:

 

 

Symptoms   

*	When Security Gateway uses DHCP server to provide Office Mode
IPs, Endpoint Connect client disconnects after 15 minutes. 
*	The following Endpoint Connect log message is displayed: "remote
access client IP address and port were changed" 
*	Users may also see the Endpoint Connect log message: "This
machine's IP can only be used with Office Mode. Please try to connect
using Office Mode." 

 Cause The 3rd Party DHCP server IP lease time is set to 15 minutes.
This time is less than the IKE Phase1 Renegotiation time period.
Solution Configure the 3rd Party DHCP server IP lease time to be
equivalent to the IKE Phase1 Renegotiation time period. 

 

 

 

Here is what the IKE renegotiation is

Ike Renegotiation time is 1440 seconds / 24 min (page 644 of users
guide) 

 

 

Chris Martin

SJU Technology Group

Technology Support Manager

Sparrow, Johnson & Ursillo, Inc.

1300 Division Rd, Suite 202

West Warwick RI, 02893            

( Work: (401) 521-4000 ext: 150

( Mobile: (508) 326-2673

( Fax: (401) 274-5368

*  cmartin at sjutech.com <mailto:cmartin at sjutech.com> 

Web:www.sju.com <http://www.sju.com> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100408/f1e16320/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 167 bytes
Desc: image001.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100408/f1e16320/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.gif
Type: image/gif
Size: 682 bytes
Desc: image002.gif
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100408/f1e16320/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 167 bytes
Desc: image003.png
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100408/f1e16320/attachment-0003.png>


More information about the vpn-help mailing list