RSA Registration Manager 6.7
Microsoft Windows Server 2003 SP2
Cisco Pix Firewall
Checkpoint firewall
firewall changed from Cisco Pix to Checkpoint and we have been seeing a lot of slowness when loading up the RA Administration pages
The RM pages are extremely slow to load the first time. Firewall seeing packet out of sync errors. The pages are loading normally (10-20 seconds) after the first login. If the application is logging then there is no delay... however after an extended period of time, say over night the pages are extremely slow to load.
Example
*******************************************
Information: TCP packet out of state: First packet isn't SYN
tcp_flags: PUSH-ACK
SmartDefense Profile: Default_Protection
Information: TCP packet out of state: First packet isn't SYN
tcp_flags: PUSH-ACK
SmartDefense Profile: Default_Protection
Timeout set in xudad.conf:
XUDATIMEOUT 305
firewall timeout set at 1 hour and ports (t17636 and t18636) are set to 5 hours.
disabled the time out at the firewall i.e. made it to time out at 24 hrs and have observed that the slowness is not there.
Related Articles
Configuring a Checkpoint firewall to work with SecurID Number of Views RSA SecurID Software Token Administrator's Guide Number of Views RSA announces the availability of the RSA SecurID Hardware Appliance 350 based on the Dell PowerEdge R640 Server Number of Views Getting Started with FIDO Number of Views RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.8 Setup and Configuration Guide
