We have a good and solid VPN between a Checkpoint and a NetScreen; it's up and solid. I can send 100 pings and get 100% response. Ping times across the tunnel are 63ms average. The developers for each company keep saying that the "firewall" is dropping the packets. And it is. Application A starts the session (syn), App B answers (synack), App A (ack)....no problem. The apps even talk out to the correct DST ports. The problem comes when App A tries to send info over the established session (example src port 2565) but sends it out 65 seconds since the last communications: the firewalls time out the session and App A should resend over a new source port. It never does. It will try till its dying days to communicate over that FIRST session.

I am a router firewall guy and not a programmer; is there anything that I can do to lessen the problem from a firewall/VPN point of view? I keep saying that they need to speed up response times on their TCP communications and send "heartbeats". They call me "Non-Helpful".

I just want to fix it. Any ideas?
App A -----------------Checkpoint========INTERNET===========NetScreen----------------------App B
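
The "heartbeat" idea from the post, sketched as an added example (not the poster's code and not either vendor's): TCP keepalive timers set on the application's socket so that a probe crosses the tunnel before the firewalls' idle timer expires. The 60-second timeout is an assumption (the post only shows that 65 idle seconds is too long), the helper names are hypothetical, and the socket options are the Linux ones.

```python
import socket

# Assumption: the post only shows that 65 s of idle time is too long.
ASSUMED_FW_IDLE_TIMEOUT_S = 60


def keepalive_plan(fw_idle_timeout_s, probes=3):
    """Choose timers so the first probe leaves at half the firewall idle
    timeout and every retry is sent before that timeout would expire."""
    if fw_idle_timeout_s < 2 * (probes + 1):
        raise ValueError("idle timeout too short for this probe count")
    idle = fw_idle_timeout_s // 2
    interval = (fw_idle_timeout_s - idle) // (probes + 1)
    return {"idle": idle, "interval": interval, "count": probes}


def dead_peer_detect_s(plan):
    """Seconds of silence after which the kernel errors the socket, so the
    application sees a failure and can reconnect from a new source port."""
    return plan["idle"] + plan["interval"] * plan["count"]


def enable_keepalive(sock, plan):
    """Apply the plan to a TCP socket (Linux option names) and read it back.
    Probes are ordinary TCP segments on the session's existing 4-tuple."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, plan["idle"])
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, plan["interval"])
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, plan["count"])
    return {
        "keepalive": bool(sock.getsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE)),
        "idle": sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE),
        "interval": sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL),
        "count": sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT),
    }


if __name__ == "__main__":
    plan = keepalive_plan(ASSUMED_FW_IDLE_TIMEOUT_S)
    # The options can be set before connect(); no network access is needed here.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        print(enable_keepalive(s, plan), "dead after", dead_peer_detect_s(plan), "s")
```
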