We have multiple subnets in the local encryption domain (Check Point firewall), and only one subnet for the remote peer encryption domain. The remote peer is a non-Check Point device.
Once we have initiated the ping from the central gateway to the remote gateway, I see that Phase 1 is up.
Phase 2 is not. The ike.elg file shows that for P1 (main mode) all 6 packets are good.
For P2 (quick mode), the first packet itself (QM packet 1) failed. In the QM packet I see the IP address of the central gateway and remote peer.
When I initiate a ping from the device behind the firewall, though the IP is listed in the subnet, it is not encrypted.
What could be wrong in the configuration?