- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Checkpoint 77 to AWS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Checkpoint 77 to AWS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
A bit more context here would be helpful.
- What exact version of code are you working with on the local end? Base version, applied jumbo hotfixes, etc.
- Are you trying to establish a VPN with a Check Point inside of AWS or are you terminating to the AWS VPN endpoint?
- Which documentation did you try to follow?
- What errors are you seeing in SmartLog?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
A little bit more context and information :
- The checkpoint is a R77.10
- I'm trying to etablish a connection between a checkpoint (On-premise) and to terminate to the AWS VPN endpoint.
- I have tried to follow the " https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... "
- I can see the following in Smartlog :
"Key Installed : TUNNEL STATUS CHANGE: Peer gateway AWS1 has changed status to DOWN "
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you using VTIs or not? This is generally the better approach, but it disables CoreXL.
Also the SK suggests using MSS Clamping, which may be needed and will require upgrading to R77.20 and above.
You might want to do that anyway since R77.10 will be End of Support in August 2017: Support Life Cycle Policy | Check Point Software
As troubleshooting VPNs in general is fairly complex, I would recommend engaging with the TAC to assist.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks you for the informations.
I have managed to turn the VPN UP. But I still have issue when trying to reach my subne, any idea ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You might want to see if this applies: "Encryption failure: Wrong peer gateway for decrypted packet (VPN Error code 01)"