cancel
Showing results for 
Search instead for 
Did you mean: 

SSL/ESP transport

SOLVED
Highlighted
New Contributor

SSL/ESP transport

I just enabled ESP transport on 7.4R8

It is working fine but I see in the logs that always transport starts in SSL mode and 5 seconds later goes to ESP mode.

 

Info     NWC30477     2014-01-25 13:37:08 - ive - [xxx] ybenari(xxx)[xxx] - VPN Tunneling: User with IP 10.x.x.x connected with ESP transport mode. Info     NWC30477     2014-01-25 13:37:03 - ive - [xxx] ybenari(xxx)[xxx] - VPN Tunneling: User with IP 10.x.x.x connected with SSL transport mode. 

 

This seems to add a 5 secons delay to login. Is this a normal behaviour? Can I get it to start directly with ESP?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Frequent Contributor
4 REPLIES 4
Highlighted
Frequent Contributor

Re: SSL/ESP transport

What you are seeing is expected behavior. When ESP is enabled there are actually two channels used. A control channel which is always SSL and a data channel which is ESP.

Highlighted
Contributor

Re: SSL/ESP transport

I see the same thing on 8.0R1.0 with Pulse 5.0.1.41197



Info NWC30477 2014-01-27 07:18:46 - ive - [XXX.XXX.XXX.XXX] user (user realm)[user roles] - VPN Tunneling: User with IP 10.10.201.5 connected with ESP transport mode.  
Info NWC30477 2014-01-27 07:18:40 - ive - [XXX.XXX.XXX.XXX] user (user realm)[user roles] - VPN Tunneling: User with IP 10.10.201.5 connected with SSL transport mode.


I see the same thing even if i check the box for "ESP Transport Only (No SSL fallback, this setting is for the Pulse client only)"


There is always 5-6 seconds between the two entries.

Highlighted
New Contributor

Re: SSL/ESP transport

Thanks. I was suspecting it is "by design".

Any idea if it's documented somewhere?

Highlighted
Frequent Contributor