This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
harshasm
Participant
a week ago

BGP global settings

just for a clarification, 

we have implemented an several VPN tunnels via our primary ISP link and the environment has another backup ISP link. 
we have tested it with backup ISP link, it is not getting up for any tunnel configuration. (R82.10)

- checkpoint tot checkpoint - Not working
- checkpoint to third party - Not working
- with different backup ISP - working 
- with different vendor isolated firewall with same ISP link - worked

final scenario is only This specific ISP link is not working with Checkpoint firewall only.

backup and primary Links are provided by the same vendor. 

1. what is needed to verify that the below BGP global setting with single route ID and AS number for all advance routing can be a reason to fail the Tunnel establishment. 

2. do I need to config this via peer groups only? 

 
 

Screenshot 2026-05-19 193752.jpg

Thankyou

 

0 Kudos
2 Replies
simonemantovani
MVP Gold
MVP Gold
a week ago

Hello

before establishing BGP, you need to have the tunnel UP, there is no relationship between BGP and VPN; so the first step is to understand why the secondary vpn is not working; did you collect any vpn debug and tcpdump capture to verify if there is communication between the gateways and in case if there are any error about vpn negotiation?

0 Kudos
harshasm
Participant
a week ago
In response to simonemantovani

Hello simonemantovani , 

thank you for kind feedback, 

TAC was collected the Debug, and they are investigating the logs.
The communication has been success between the peer and the source device. checked with Ping. 

error Log is: IKE failure, initial exchange failed due to time out 

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events