Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jus_soul
Explorer

SIC

Hello! I have some problem with install unified policy. When I want to install policy on A-GW and B-GW, I got errors: Layer "DMZ traffic": The Intranet Community member A-GW must have a signed certificate and Policy verification failed on both gateways.

How I can fix this error?

Thank you for your helping!

0 Kudos
9 Replies
_Val_
Admin
Admin

You need SIC to be established before you can install policy. Go to that GW object and establish SIC. 

0 Kudos
jus_soul
Explorer

I did it, but it still gives an error.  I reset SIC, then enter new OTP, but nothing

0 Kudos
jus_soul
Explorer

Thank you for your answer, but but it still gives an error. We already have trust established

0 Kudos
the_rock
Legend
Legend

Did you try what @Tal_Paz-Fridman suggested? To me, it implies cert might be expired. Lets do quick remote if you are allowed and I can check it for you.

Andy

0 Kudos
Tal_Paz-Fridman
Employee
Employee

It seems that for some reason the Security Gateway in the Community does not have a certificate.

You might want to try to add or renew the VPN Certificate (or enable / disable IPsec VPN Blade):

Security Gateway object > IPsec VPN > Add or Renew

0 Kudos
_Val_
Admin
Admin

@jus_soul, please do what @Tal_Paz-Fridman suggests. It seems A-GW does not have a VPN certificate. 

0 Kudos
Lesley
Leader Leader
Leader

Note that you need vpn cert even if you do not have vpn blade enabled. If so temporarily enable vpn blade renew cert and disable blade again.

-------
If you like this post please give a thumbs up(kudo)! 🙂
the_rock
Legend
Legend

Very true!

0 Kudos
the_rock
Legend
Legend

I would certainly verify what both @Tal_Paz-Fridman and @_Val_ mentioned. Dont worry about warnings, you can ommit those for now, as they never cause policy to fail, its the actual error.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events