Re: [FW-1] Citrix through Edge VPN

Subject:	Re: [FW-1] Citrix through Edge VPN
From:	Hal Dorsman <hdorsman AT RMEF DOT ORG>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 24 Sep 2004 13:22:12 -0600

Citrix supports it's own encryption so you don't really need
to tunnel it through your vpn.  Not sure why your Citrix would
be dropping, but if you can give a legal IP to your Citrix
server try connecting directly to that.  The overhead of
Citrix encryption inside of VPN encryption would have to be
significant I would think.

Hal

> -----Original Message-----
> From: Stewart Williams [mailto:Stewart.Williams AT TRUSTWAVE DOT COM]
> Sent: Friday, September 24, 2004 10:55 AM
> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Subject: [FW-1] Citrix through Edge VPN
>
>
> I have read about a number of Citrix issues through FW-1, but I havent
> read anything about getting it to work through a vpn. I have a vpn
> between an R55 cluster and an Edge X device. I can do all
> normal traffic
> through vpn without a problem (term serv, icmp, ftp) but citrix
> connections tend to drop every so often (about every 20 minutes).  Is
> there something I need to do in the FW ruleset? I notice that
> there are
> 2 services defined for tcp 1494. The problem is that I do not
> set which
> one of these services I want the traffic to use, since it is
> through the
> vpn it all comes in as rule 0.  Anyone have any ideas?
>
> stew
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [FW-1] Citrix through Edge VPN, Stewart Williams [FW-1] Citrix through Edge VPN, Stewart Williams Re: [FW-1] Citrix through Edge VPN, Hal Dorsman <= Re: [FW-1] Citrix through Edge VPN, Ray Re: [FW-1] Citrix through Edge VPN, Stewart Williams Re: [FW-1] Citrix through Edge VPN, Ray Re: [FW-1] Citrix through Edge VPN, Stewart Williams

Previous by Date:	Re: [FW-1] Installation error..., GoddardM
Next by Date:	Re: [FW-1] Hub Mode, GoddardM
Previous by Thread:	[FW-1] Citrix through Edge VPN, Stewart Williams
Next by Thread:	Re: [FW-1] Citrix through Edge VPN, Ray
Indexes:	[Date] [Thread] [Top] [All Lists]