We have an application which sat behind a checkpoint firewall for many months. Some remote sites connect via WAN links which have crypto tunnels configured. This has never been an issue in the past. A typical setup would be a remote pc connecting through a 2950 switch and out via a 1721 router - across the carrier and into the core 3660 router, then through a 6509 switch and checkpoint firewall and 2950 switch to the App server.
We've just implemented a FWSM blade in our core 6509 switch. The app server is now behind the FWSM. Nothing else has changed. Most users are working fine. But those traversing encrypted WAN links are having trouble. The FWSM logging shows TCP sessions establishing fine. But they hang almost straight away. Any ideas?
Jim