This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sergio_Afonso_C
Participant
‎2018-11-30 01:43 PM

IPSec ikev2

Have someone configured a lan2lan tunnel with just ikev2? I have a problem with IDi that presents in the remote peer (it presents private IP) and I do not know if it can be changed / forced to be public IP, without changing the main IP of the cluster. I can nota disable the NAT-T because I have other IPSec tunnels working well with ikev1.

This issue is only with V2.

Thank you!

6 Replies
Maarten_Sjouw
Champion
Champion
‎2018-12-01 06:57 AM

the option you are looking for is Link selection, in the cluster object you need to set the outside interface as the primary IP to be used for building VPN's.

Regards, Maarten
Sergio_Afonso_C
Participant
‎2018-12-02 02:32 PM
In response to Maarten_Sjouw

Hi, this option is only used to set the tunnel. I can stablish the phase1 with the correct IP, but in the phase2 the IDs still the private IP. I have tested all options Smiley Sad

Thank you

El 1 dic. 2018 14:59, Maarten Sjouw <donotreply@checkpoint.com> escribió:

CheckMates <https://community.checkpoint.com/?et=watches.email.thread>

Re: IPSec ikev2

respuesta de Maarten Sjouw<https://community.checkpoint.com/people/190aef73-58b6-43b8-aee6-8bbb11391e10?et=watches.email.thread> en Installation, Maintenance, and Upgrades - Ver la discusión completa<https://community.checkpoint.com/message/34022-re-ipsec-ikev2?commentID=34022&et=watches.email.thread#comment-34022>

Steve_Vandegaer
Contributor
‎2019-01-23 05:08 AM
In response to Sergio_Afonso_C

Did you get this resolved? I have the same issue.

0 Kudos
Sergio_Afonso_C
Participant
‎2019-01-23 05:55 AM
In response to Steve_Vandegaer

NO, I was impossible. Finally I did with ikev1

--

Un saludo

Sergio

De: Steve Vandegaer <donotreply@checkpoint.com>

Enviado el: miércoles, 23 de enero de 2019 13:40

Para: Sergio Afonso Coderch <sergioafonso.coderch@satec.es>

Asunto: Re: - Re: IPSec ikev2

CheckMates <https://community.checkpoint.com/?et=watches.email.thread>

Re: IPSec ikev2

respuesta de Steve Vandegaer<https://community.checkpoint.com/people/921f9968-89ff-4168-b7c1-b7bc78595431?et=watches.email.thread> en Installation, Maintenance, and Upgrades - Ver la discusión completa<https://community.checkpoint.com/message/38090-re-ipsec-ikev2?commentID=38090&et=watches.email.thread#comment-38090>

Steve_Vandegaer
Contributor
‎2019-01-23 05:57 AM
In response to Sergio_Afonso_C

Thanks for the fast response.

0 Kudos
Peter_Baumann
Contributor
‎2019-05-20 08:00 AM
In response to Steve_Vandegaer

I think it's better to use IKEv1...

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

  • In some less common conditions, Check Point IKEv2 IPsec VPN up to R80.30 may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Wed 16 Apr 2025 @ 12:00 PM (PDT)

    Hillsboro, OR: Golf and Learn!
    Virtual

    Thu 17 Apr 2025 @ 11:00 AM (EDT)

    Tips and Tricks 2025 #5: Harmony Browse Can Do That!
    Virtual

    Tue 22 Apr 2025 @ 10:00 AM (CEST)

    2025 Cyber Threat Trends - EMEA
    Virtual

    Tue 22 Apr 2025 @ 05:00 PM (CEST)

    2025 Cyber Threat Trends - Americas
    Virtual

    Tue 22 Apr 2025 @ 02:00 PM (EDT)

    Deep Dive Americas: Management API Best Practices
    Virtual

    Wed 23 Apr 2025 @ 05:00 PM (CEST)

    TechTalk: Four Ways to SASE!
    CheckMates Events
    Top