Create a Post
Showing results for 
Search instead for 
Did you mean: 

Problem IP Sec VPN Checkpoint > Juniper no response from peer. IKE failuret

Hi ,

   I have a question about IP Sec VPN Connection  Checkpoint > Juniper

Some times I found error message from checkpoint "no response from peer. IKE failure "

As i check on juniper srx did't set Proxy ID configuration So , If Someone here have  experience with

IP Sec VPN checkpoint and Juniper srx  please suggest solution or basic investigate problem

Thanks you


Ake V

0 Kudos
3 Replies

If the subnets/Proxy-IDs proposal made by the Check Point in IKE Phase 2 does not match the Juniper subnet definitions EXACTLY (matching subsets are not allowed on Juniper/Fortinet/Sonicwall whereas they are allowed on Cisco/Check Point), the Juniper will discard the request and not answer.  Either the Juniper administrator needs to modify their policy to match the subnets/masks your Check Point is proposing, or you need to explicitly define the subnets you want to propose to the Juniper in a user.def file on the Security Management Server.  See sk62590 for the proper user.def.* file to edit as there are numerous variants depending on the version of the security gateway, and see sk108600 for the proper syntax definition of the Proxy-IDs in the user.def.* file.


My book "Max Power: Check Point Firewall Performance Optimization"

now available via

Gateway Performance Optimization R81.20 Course
now available at

Hi Tim Hall

Thanks for your answer , from juniper side he have a question about why he need to configuration Proxy IDs

Because Connection can operation normally (Problem  "no response from peer. IKE failure happen some time ")

I mean if not configuration proxy ID tunnel can operation but problem found randomly time.


Ake V

0 Kudos

To have a basic information to start to investigate , you could do :

  • ike debug on check point firewall

vpn debug ikeon

vpn debug ikeoff



Tool -> IKEview

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events