- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- Re: Why does the service tunnel_test_mapped disabl...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why does the service tunnel_test_mapped disable Accept Templates?
Hi all!
While playing with rules and services to understand more about templating, I noticed that when the tunnel_test_mapped service is included in a rule, Accept Templates get disabled.
I could only find sk44075 talking about this service, and apparently it needs to be used when "Accept control connections" is disabled in Global Properties.
Does anyone know what this service exactly is (the vague explanation and protocol no.17 (UDP) does not help) and what it does?
And what is the difference between enabling "Accept control connections" in Global Properties and creating a rule with tunnel_test_mapped service?
Thank you in advance!
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's explained in sk32578 which describes SecureXL, in the section describing the conditions which prevent an acceleration template from being created.
Rules with "complex" services - services that have anything specified in the "Match
" field, or "Enable reply from any port
" , or "Source port
" of their "Advanced
" section.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Very good question! I googled it, but best you can find is whats in service properties, nbot much on support site either.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's explained in sk32578 which describes SecureXL, in the section describing the conditions which prevent an acceleration template from being created.
Rules with "complex" services - services that have anything specified in the "Match
" field, or "Enable reply from any port
" , or "Source port
" of their "Advanced
" section.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That is true. It would be nice to know though what exactly that service does.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Alex. Thank you for the response. It somehow makes sense.
But now I have another question. What is the difference between enabling "Accept control connections" in Global Properties and creating a rule with tunnel_test_mapped service, considering I'm not making any changes to the properties of the service (as in "Use default settings" enabled)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It appears to be related to checking VPN Security Associations according to a TAC note I saw.
Any service with a handler in it will disable Accept Templates as per SecureXL limitations.
This doesn't happen when enabled in Global Properties as it's not