topic When use Endpoint Security VPN Ping is not reaching the destination. in SASE and Remote Access https://community.checkpoint.com/t5/SASE-and-Remote-Access/When-use-Endpoint-Security-VPN-Ping-is-not-reaching-the/m-p/243522#M2282 <P>My client currently has two firewalls in different buildings, connected in a <STRONG>ClusterXL</STRONG> setup, and they are also linked via a <STRONG>Site-to-Site VPN</STRONG>.</P><P>I am trying to connect to the <STRONG>L3 switches</STRONG> located behind each firewall using <STRONG>Endpoint Security VPN</STRONG>, but I noticed something strange. When I set the site to <STRONG>Building 1</STRONG> and connect via <STRONG>Endpoint Security VPN</STRONG>, I attempted to ping the <STRONG>L3 switch in Building 1</STRONG>, but the ping did not reach it. However, the ping successfully reached the <STRONG>L3 switch in Building 2</STRONG> instead. <STRONG>The policy is not blocking the traffic.</STRONG></P><P>Why is this happening?</P><P>Additionally, when I run netstat -nr after enabling the VPN, I can see the <STRONG>routing table created by the VPN</STRONG>, which seems to include the <STRONG>VPN tunnel gateway</STRONG>. If this gateway appears in the routing table, is it expected that I should be able to ping the <STRONG>tunnel gateway</STRONG> successfully?</P> Tue, 11 Mar 2025 09:50:59 GMT dkzndkqh 2025-03-11T09:50:59Z When use Endpoint Security VPN Ping is not reaching the destination. https://community.checkpoint.com/t5/SASE-and-Remote-Access/When-use-Endpoint-Security-VPN-Ping-is-not-reaching-the/m-p/243522#M2282 <P>My client currently has two firewalls in different buildings, connected in a <STRONG>ClusterXL</STRONG> setup, and they are also linked via a <STRONG>Site-to-Site VPN</STRONG>.</P><P>I am trying to connect to the <STRONG>L3 switches</STRONG> located behind each firewall using <STRONG>Endpoint Security VPN</STRONG>, but I noticed something strange. When I set the site to <STRONG>Building 1</STRONG> and connect via <STRONG>Endpoint Security VPN</STRONG>, I attempted to ping the <STRONG>L3 switch in Building 1</STRONG>, but the ping did not reach it. However, the ping successfully reached the <STRONG>L3 switch in Building 2</STRONG> instead. <STRONG>The policy is not blocking the traffic.</STRONG></P><P>Why is this happening?</P><P>Additionally, when I run netstat -nr after enabling the VPN, I can see the <STRONG>routing table created by the VPN</STRONG>, which seems to include the <STRONG>VPN tunnel gateway</STRONG>. If this gateway appears in the routing table, is it expected that I should be able to ping the <STRONG>tunnel gateway</STRONG> successfully?</P> Tue, 11 Mar 2025 09:50:59 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/When-use-Endpoint-Security-VPN-Ping-is-not-reaching-the/m-p/243522#M2282 dkzndkqh 2025-03-11T09:50:59Z Re: When use Endpoint Security VPN Ping is not reaching the destination. https://community.checkpoint.com/t5/SASE-and-Remote-Access/When-use-Endpoint-Security-VPN-Ping-is-not-reaching-the/m-p/243999#M2283 <P>Need to see a topology digram that includes the relevant elements.<BR />Does the L3 switch have a route to the Office Mode IP address pool (either directly or indirectly with a default route)?</P> <P>The VPN gateway itself won't necessarily being pingable.&nbsp;</P> Mon, 17 Mar 2025 19:44:47 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/When-use-Endpoint-Security-VPN-Ping-is-not-reaching-the/m-p/243999#M2283 PhoneBoy 2025-03-17T19:44:47Z