Manualshelf

Troubleshooting guide

ManualsBrandsBay Networks ManualsComputer equipmentBayRS
161162163164165166167168169170
Appendix A: State Tables for VPN-1/FireWall-1 4.0 SecuRemote — server side tables
Advanced Technical Reference Guide 4.1 June 2000 159
Used by SecuRemote Client: Yes.
Used by FW daemon: No.
Keys: <gw_ip>
Values: None
Timeout: None
Comments: Used by SecuRemote kernel to decide whether to encapsulate packets.
Note that decryption is done based on the IP protocol.
userc_request table
attributes: expires 60
<c073cd1c; 55/60>
Includes a list of gateways, with which the SecuRemote client has a pending encryption request.
Used by SecuRemote Client: Yes.
Used by FW daemon: No.
Keys: <gw_ip>
Values: None
Timeout: 60
Comments: Used by the client to prevent excessive traps to the daemon (indicating
that there is currently a negotiation with the gw).
SecuRemote — server side tables
These are the tables used by VPN-1 gateways for the communication with SecuRemote clients.
userc_rules table
The userc_rules table holds a list of rules that are relevant for SecuRemote and a list of IP addresses and
sessions key (for optimization).
Example
attributes: expires 900, free function 133279992 20
<c0a83005, 00000001; 00000001; 859/900>
<c0a83005, 00000000; 81fc7538; 859/900>
The userc_rules table uses the following format:
<client’s IP address, rule number; (0 or 1); time left/total time>
or:
<client’s IP address, 0; pointer to kernel buffer holding user name; time left /total time>