Re: Connection Failed for RA VPN

Matlu · ‎2023-10-19

Hello,

I have a remote user connection that connects through the Endpoint Security VPN.

Once connected, we need the user to be able to access through a S2S VPN that we have against a third party, to an IP 10.105.17.128:10400, but the connection is not successful.

"fw ctl zdebug + drop | grep x,x,x,x,x", gives us the following result.

fw_log_drop_ex: Packet proto=1 10.249.205.74:0 -> 10.105.17.128:10400 dropped by chain_ipsec_methods_ok Reason: vpn_decrypt_methods_ok failed;

Does anyone have any idea why the connection is dropped?

Regards.

PhoneBoy · ‎2023-10-19

The only thing that seems to match here is: https://support.checkpoint.com/results/sk/sk90060
Otherwise, you should involve TAC.

the_rock · ‎2023-10-19

Did this ever work? New config?

Matlu · ‎2023-10-19

This is a new configuration.

The IP pool of my remote users is 172.19.51.0/25.

What we want, is that when they are connected to the office, they should be able to reach an IP of a client, with which we have configured a S2S VPN. This IP is 10.249.205.74.

In our VPN DOMAIN of our Check Point, is it "mandatory" and "necessary" to add the IP 10.249.205.74 that is reached by a S2S VPN?

Are you a member of CheckMates?

Connection Failed for RA VPN