This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Raine_Widjeskog
Participant
‎2020-03-05 11:26 PM

R80.40 LSV & DAIP Ipsec VPN - VPN domain of peers not detected

Hi,

Saw some other post here asking about odd IPSEC behavior in R80.40. I have been trying to get LSV ipsec VPN working but it seems that the VPN domain is not detected at all and then traffic cannot flow.

If I create the devices as interoperable devices with the same internal CA identifiers under "matching criteria" I can get it working but even then I have to manually override the VPN domain in the VPN community and the firewall doesn't seem able to sniff the VPN domain even from the information i put into the interoperable device information.

Has anyone tried reporting bugs to check point about LSV vpn or does anyone have info about upcoming Jumbo HFAs that might fix this behavior?

Since no VPN domain is detected the tunnel comes up OK but traffic fails to pass because it is dropped by the ruleset with the message : According to the policy the packet should not have been decrypted

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2020-03-06 04:29 PM

Recommend opening a TAC case.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events