It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

Remote management tunnels over 'McAfee IntruShield' (IPS)

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00005120 
This solution replies to:
- NG Firewall firmware versions 4.2.x,5.0.x, 5.2.x
- netfence firmware versions 4.2.x


Remote management tunnels continuously break and do not rebuild themselves. After re-start of the "mvpn" service, the tunnels build up again for a short while only. 


The recent McAfee® IntruShield® Network IPS Appliance (Engine Version 4400) recognises a specific pattern in the remote management packets passing through the tunnel. According to the IPS Documentation published by McAfee, the packets are associated with the "P2P: SoftEther Alive" pattern match and are blocked.

The blocking of remote management packets is due to incorrect packet handling in the IntruShield Manager Software (version prior According to ISP policy P2P SoftEther packets ought to cause a warning only and ought not to be blocked.


The issue has been solved by McAfee in the meanwhile. The problem no longer occurs with IntruShield Manager (version



Link to This Page: