Since deploying the new agent most of our laptop users have had problems with VPN's disconnecting all of the time, after testing we are seeing a lot of traffic coming from the laptops through the VPN connections causing ISA to drop the connection and thinking its some sort of denial of service attack.
Has anybody had any similar issues and is there any configuration that I can do within any of the epo policies that can circumvent this issue?
Hi Joe thanks for replying. Im not in a position now to get the ISA logs up but from memory I can recall bits like ICMP traffic where I think the agent is pinging all 30 of our distributed repositories to determine which to get updates from? I can pull other information out when I get back to the office but when I connected my laptop in by VPN and initiated a policy retrieval/security update the traffic went through the roof.
I suspect that the flood mitigation limit has been getting hit as when the people with laptops VPN onto the network in the evening concurrently and then ISA has been dropping their VPN connections when this happens.
There was also a massive amount of LDAP queries being logged aswell which we werent sure of their origin but seemed to be interspersed with the distribution point related traffic.
We also have the Artemis part of VSE 8.7 set to Very Low whereas it used to be off (until deploying patch 2 and McAfee had enabled it)
Could this have anything to do with the mass of traffic?
I have not come across this type of issue being reported by our other customers. Please open a support case to investigate this issue.