RE: [FW1] : CPFW1 and PIX

[James C. Hanrahan]

Tim: Yes we have had the exact problem. There is a problem with the PIX thinking the tcp checksum is wrong on the reply packets during the initial key negotiation. We still have no fix from Cisco. In the Cisco Firewall feature set on the routers you run into the same ptoblem but can use the no tcp checksum command to get around it. Let me know if you get around it on the PIX.   Thanks, Jimmy Hanrahan -----Original Message----- From: Rizzi, Timothy [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 18, 2000 12:52 PM To: '[EMAIL PROTECTED]' Subject: [FW1] : CPFW1 and PIX Hello All,   Was wondering if anyone has had success running Secure Remote through a Cisco PIX hitting an NT CPFW1 running 4.0?  The PIX statically NATs an internal address running secure remote.  The CPFW1 authenticates the secure remote sessions but does not allow access to the desired host. No drops are displayed.   Are there any documents that you can suggest that outlines this model?   Thanks in advance.   -Tim