Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
FloydG
Participant

Change interval of location check (disconnected/connected)

Dear Checkmates,

unfortunately I did not find any solution around knowledgebases etc. regarding this issue...
We configured two zones on all endpoint clients (E86.20). Connected and Disconnected.

Connected mode means, the eps server is reachable and the client is allowed to reach the entire network.
Disconnected mode means, the eps server is not reachable and the client is limited to reach the EPS server IP and public VPN IP.

Therefore the client is locked out until its verified that its connected to coporate network.

When any client is connecting to VPN, the connection is established within 5 seconds.
But its not possible to reach any network device, until 10-40 seconds passed by.
In the meantime, EPS server ping is possible (due to disconnected expection).

During our investigation, we clearly noticed that the client takes very long to switch between those locations.
It does not switch quickly to location "connected" and therefore allow traffic to pass.

My question: Is there any config parameter we can adjust, which specifies the interval, how often the client checks wheater its connected or not?

It feels like there is a 60 seconds interval set.

I hope you understand what I mean.
Thank you in advance!
Floyd

 

 

 

0 Kudos
1 Reply
Chris_Atkinson
Employee Employee
Employee

How is the client heartbeat currently configured in your environment (defaults)?

Refer: 

https://community.checkpoint.com/t5/Endpoint/Restricted-Policy-Delays/td-p/143488#M5344

CCSM R77/R80/ELITE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events