Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Raine_Widjeskog
Participant

R80.40 LSV & DAIP Ipsec VPN - VPN domain of peers not detected

Hi,

Saw some other post here asking about odd IPSEC behavior in R80.40. I have been trying to get LSV ipsec VPN working but it seems that the VPN domain is not detected at all and then traffic cannot flow.

If I create the devices as interoperable devices with the same internal CA identifiers under "matching criteria" I can get it working but even then I have to manually override the VPN domain in the VPN community and the firewall doesn't seem able to sniff the VPN domain even from the information i put into the interoperable device information.

Has anyone tried reporting bugs to check point about LSV vpn or does anyone have info about upcoming Jumbo HFAs that might fix this behavior?

Since no VPN domain is detected the tunnel comes up OK but traffic fails to pass because it is dropped by the ruleset with the message : According to the policy the packet should not have been decrypted

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Recommend opening a TAC case.
0 Kudos