Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Ivory

Site to Site VPN Issue

Dear Respected Members,

I am new to Checkpoint Technology and needs some help in creating a S2S VPN.  I am trying to create a S2S VPN between one R80.20 Cluster and one Standalone gateway running on R80.30, currently managed by one Mgmt Server running on R80.30.  

The traffic is getting rejected between two gateways, I have checked my Rule base,VPN community and everything looks fine, however I am unable to determine whats going on? It seems both gateways are unable to talk to eachother as they both are used in the same meshed VPN community. I have noticed one more thing as soon I remove the VPN community from VPN traffic rule base then my both gateways are able to ping each other, I am not sure why traffic gets rejected when I put both Gateway within same VPN community?

I have run debugs as well and it only tells me Main mode failure.

Please assist me on this if possible. Thanks

S2S VPN Issue.PNG

 

0 Kudos
5 Replies
Highlighted
Ivory

Hello Phoneboy,

Thank you very much for your reply.

I have gone through the SK article you mentioned and made necessary changes, however the tunnel is still not coming up, as soon the traffic enters in to the community its giving me IKE failure error. 

I am just loosing hope on this. It will be great if somebody can advise me. Tx

pic.PNG

02.PNG

0 Kudos
Highlighted

Have you set a pre-shared key on both sides?
You created the same VPN community on both management servers with th exact same settings?
Also make sure the VPN topologies are defined the same on both management servers.
Regards, Maarten
0 Kudos
Highlighted
Ivory

Hello Maarten,

Thanks for your reply.

Both gateways are managed by One Management server so I have created one meshed VPN community and used it on both policies on the gateway.

It should be simple config, however its still not working.

0 Kudos
Highlighted
Admin
Admin

0 Kudos