This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MaheshCheck
Explorer
‎2024-12-17 05:58 AM
Jump to solution

Ikev2 Phase2 is not getting up

Can anyone help me to resolve the issue

 

IKEv2 Phase2 is not getting up and configuration seems to be fine from both the sides

 

Version :R81.20

 

0 Kudos
38 Replies
MaheshCheck
Explorer
‎2024-12-17 08:34 AM
In response to MaheshCheck
Jump to solution

 
Preview file
7 KB
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-12-17 10:22 AM
In response to MaheshCheck
Jump to solution

Hey,

Im in the zoom meeting waiting, so if you are free, please join, Im good till 2.30 pm est.

Andy

Best,
Andy
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-12-17 12:26 PM
In response to MaheshCheck
Jump to solution

Hey Mahesh,

Just send me your email in direct message, we can connect offline. Not sure what country you are in, but Im in Canada EST (GMT-5)

Andy

Best,
Andy
0 Kudos
MaheshCheck
Explorer
‎2024-12-18 07:44 AM
In response to the_rock
Jump to solution

I am in india(IST) GMT+5:30

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-12-18 07:46 AM
In response to MaheshCheck
Jump to solution

Just messaged you offline.

Andy

Best,
Andy
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2024-12-18 08:24 AM
Jump to solution

Hey everyoone,

Just to update on this, had zoom remote with @MaheshCheck and below are my notes. I feel good now if Cisco side resets the tunnel, it will work fine, but Mahesh will let us know for sure once they do it.

Andy

 

NOTES FROM THE CALL:

-zoom with Mahesh
-we enabled tunnel mgmt as per gateway since its combo of hosts/subnets
-installed policy
-first time config, never worked before
-Cisco mentioned phase 2 selectors are not matching
-peer ip x.x.x.x

below guidbedit settings should be set to FALSE to avoid any supernetting:


ike_enable_supernet

ike_p2_enable_supernet_from_R80.20

ike_use_largest_possible_subnets


peer -> xyz_gateway

we made sure guidbedit settings were set to false, changed last one -> ike_use_largest_possible_subnets

installed policy -> now tunnel shows UP

Mahesh will ask other side to check tomorrow and let us know

 

Best,
Andy
0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-01-06 11:01 AM
Jump to solution

Hey mate,

Happy New Year! Just wanted to confirm if you were able to solve this?

Andy

Best,
Andy
0 Kudos
MaheshCheck
Explorer
‎2025-03-11 04:05 AM
In response to the_rock
Jump to solution

@the_rock  sorry i missed your message .

The issue has been resolved now .We selected  super subent(single subnet) from both sides and your suggestion helped us to resolve this issue Thank you 

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-03-11 04:41 AM
In response to MaheshCheck
Jump to solution

Glad its working.

Andy

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events