RSA Registration Manager 6.7
Microsoft Windows Server 2003 SP2
Cisco Pix Firewall
Checkpoint firewall
firewall changed from Cisco Pix to Checkpoint and we have been seeing a lot of slowness when loading up the RA Administration pages
The RM pages are extremely slow to load the first time. Firewall seeing packet out of sync errors. The pages are loading normally (10-20 seconds) after the first login. If the application is logging then there is no delay... however after an extended period of time, say over night the pages are extremely slow to load.
Example
*******************************************
Information: TCP packet out of state: First packet isn't SYN
tcp_flags: PUSH-ACK
SmartDefense Profile: Default_Protection
Information: TCP packet out of state: First packet isn't SYN
tcp_flags: PUSH-ACK
SmartDefense Profile: Default_Protection
Timeout set in xudad.conf:
XUDATIMEOUT 305
firewall timeout set at 1 hour and ports (t17636 and t18636) are set to 5 hours.
disabled the time out at the firewall i.e. made it to time out at 24 hrs and have observed that the slowness is not there.
Related Articles
iOS native mail app authentication using the RSA® Authentication Agent for Microsoft AD FS fails because "An Error Occurred" Number of Views Manually creating the node secret for RSA Authenticaiton Manager fails on Microsoft Forefront Threat Management Gateway Number of Views SecurID: How to create node secret for clustered web server in RSA Authentication Manager Number of Views Manually generate a node secret for RSA Authentication Agent for PAM Number of Views Configuring a Checkpoint firewall to work with SecurID Number of Views
