CVS Using auth protocol on port 113

[Ted Beaton]

I have my cvs machine sitting in my dmz.  The developers I support have 
noticed a 30 second delay for user authentication everytime they try to 
check out code and if they are checking out a tree, it does it for every 
folder.  I put a sniffer on the port and and found that the 30 second 
delay was due to the cvs machine opening a new port (113) to try and 
ident the machine that initiated the request.  This fails because for 
some reason I can't figure out, I can't get the firewall to pass the 
auth request from the dmz to the internal machine requesting the data.  
Once the timeout expires, the cvs machine sends the data anyway (on port 
2401 like it is supposed to) but the developer is already irritated.  My 
question to the list is this, is there anyway to turn this "feature" off 
so it doesn't try and make this auth protocol identification.  I have 
found (through packet sniffing) that when one of our developers goes to 
a cvs repository out on the internet, that cvs server doesn't try and 
use the auth protocol for machine identification.  This didn't use to be 
a problem but I haven't been able to figure out what has changed to make 
it become a problem, so here's hoping someone else has dealt with this 
and has an easy answer.

Thanks for your time.

All information contained in this email is confidential and may be used by the 
intended recipient only.