Which is the best practices for the sslvpn timeout settings you are
using ? My problem is that when a SSLVPN disconnected due to line
problem (and not by the user), the VPN cannot reconnect before the
idle-timeout. The CLI user guide state: " When yo...
I don' t know if it' s too late for an answer... In any case, policy
route works on Ipsec interface if you assign an ip address to them. So
in the policy routing in " Force route" you can specify the Ipsec local
interface as outbound interface and th...
ORIGINAL: blanni **EDIT** I think all of this is exactly what Federico
was getting at in his earlier post. Ok, my english is not so good, but
that was the info ... Remote routing is configured by the Internet -
PortXX rule (with Action SSL_VPN). When...
The route for the SSL VPN tunnel are defined in the Portal rule that you
configure on the Internet - LAN interface (ie, the rule that bind the
SSL-VPN policy to the portal). If you enable connection from Any to LAN1
and LAN1 the route to LAN1 and LAN...
Don' t use the NAT in the outbound policy, otherwise the Ipsec Phase 2
will not match. d=36871 trace_id=5 msg=" Allowed by Policy-115: SNAT"
^^^^^^ id=36871 trace_id=5 msg=" SNAT MY_PC_IP->UNKNOWN_DEST_IP:1"
result, packet is Source Nat ^^^^^^^^^^^^^...
ORIGINAL: veechee This is basically the same response I got. It is an
inadequate response because the release notes specifically state which
version of SSL-VPN is compatible with each firmware release. While we
all know that mixing versions isn' t us...
