Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Issue configuring VPN with VTI between Checkpoint and Azure

Hello,

I am trying to make work a VPN tunnel between a Checkpoint Firewall (R80.10 Tale 259) and Azure but I am getting the following error:

 

Notify Payload

Critical: No
Length: 40
Next payload: Notify
Protocol: 0
Type: Quick Crash Detection Token
ndata: 1c 61 db 62 ad 9a 5b 98 3f 64 1b d1 c8 69 a2 b0 6f 0d c5 79 79 94 6c 15 02 3b 6a 16 df 1f be 43
spisize: 0

 

And then:

 

Notify Payload

Critical: No
Length: 8
Next payload: None
Protocol: IKE
Type: Invalid IKE SPI
spisize: 0

 

It is weird because Phase 1 and Phase 2 negotiate look ok at the begin but then I start to receive these messages and the tunnel does not get established. 

My config parameters:

https://community.checkpoint.com/t5/Remote-Access-Solutions/Azure-Site-to-Site-VPn-fail/td-p/16102

I have tried to modify the timers following some Azure and Checkpoint documentation but without success. Adny idea about what coould be happening? Thank you very much. Best Regards.

 

 

0 Kudos
1 Reply
Highlighted
Admin
Admin

You'll probably need to debug what's happening.
General debugging information for VPNs are here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos