This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Webnoob
Explorer
‎2025-07-28 06:59 AM

VPN connection disconnects after few seconds

I have Quantum Spark 1570 Appliance installed firmware R81.10.17.
Gateway have Radius connection to AD and have Azure MFA extension installed on NPS server.

I have one user who is unable to keep VPN connection .
Connection is established but after a few seconds get disconnected.

I have collected log from the client but not sure what I should be looking for.

User is running Windows 11 ver. 24H2 Build 26100.4652 and VPN client E88.30 Build 986105506

It is only that one user who is experiencing this problem.

0 Kudos
22 Replies
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-07-28 07:13 AM

Recommend updating him/her to E88.62 or later per:

https://support.checkpoint.com/results/sk/sk182749

CCSM R77/R80/ELITE
0 Kudos
Webnoob
Explorer
‎2025-07-28 07:16 AM
In response to Chris_Atkinson

Actually just upgraded to E88.70 and the symptoms are different. Now the client is reconnecting after 20 sec, connected and again reconnecting in an endless cycle.

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-28 07:56 AM
In response to Webnoob

I know latest client version, E89, is pretty stable. See if that makes any difference.

Andy

0 Kudos
Webnoob
Explorer
‎2025-07-28 08:05 AM
In response to the_rock

Cannot find E89.x for Windows, only MacOS

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-28 08:08 AM
In response to Webnoob

https://support.checkpoint.com/results/download/135200

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2025-07-28 08:10 AM
In response to Webnoob

Anything that makes this users machine so special compared to the others that work ? Can other users logging into RA VPN on this machine see the same issue ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Webnoob
Explorer
‎2025-07-28 08:12 AM
In response to G_W_Albrecht

Other users using this machine for RA VPN is experiencing the same issue.

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2025-07-28 08:16 AM
In response to Webnoob

I do not think new versions will resolve the issue as this is the only client with it. Better completely re-image the workstation, only install needed SW and retry!

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Webnoob
Explorer
‎2025-07-28 10:47 AM
In response to G_W_Albrecht

I have testet the issue all possible ways
The last thing I noticed was when the computer where connected to mobile hotspot the computer connected to the internet with the same WAN ip as the firewall has.
Next time I am onsite I will test it with other devices and check if any static routes have been configured or if there are any misconfigured ip addresses.

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-28 05:20 PM
In response to Webnoob

That actually sounds logical.

Andy

0 Kudos
Timothy_Hall
MVP Gold
MVP Gold
‎2025-07-29 05:22 AM

There are quite a few things that can cause this exact behavior, see here:

sk44075: Endpoint Connect client disconnects every 20 seconds after connecting successfully to VPN G...

sk172184: Remote Access client behind NAT disconnects after 20 seconds in Visitor Mode

 

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course
0 Kudos
Webnoob
Explorer
‎2025-07-29 05:37 AM
In response to Timothy_Hall

The symptoms in sk44075 are not pressent in the log.

The fix applied in R80.40 should be in the running R81.10.17 firmware, so not sure sk172184 applies to my issue.

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-29 05:52 AM
In response to Webnoob

I still think point 4 would be good to check from the sk44075.

Andy

0 Kudos
Webnoob
Explorer
‎2025-07-29 05:55 AM
In response to the_rock

You might have overseen that the device is Quantum Spark 1570 Appliance locally managed

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-29 05:56 AM
In response to Webnoob

k, nm then, not applicable. Any luck if you tried E89 client?

Andy

0 Kudos
Webnoob
Explorer
‎2025-07-29 05:58 AM
In response to the_rock

Tried E89.00 and the symptoms changed to are reconnecting loop

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-29 06:16 AM
In response to Webnoob

I would definitely open TAC case for this then.

Andy

0 Kudos
Webnoob
Explorer
‎2025-07-29 06:57 AM
In response to the_rock

Already done that

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2025-07-29 11:33 AM
In response to Webnoob

What did they say so far?

Andy

0 Kudos
Webnoob
Explorer
‎2025-07-29 11:50 PM
In response to the_rock

They couldn't find the cause for the issue.
We checked konfiguration, looked in the logs and checked firewall settings.

I am onsite to day, so when the user checks in I will try again.

0 Kudos
Chris_Atkinson
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
‎2025-07-29 06:21 AM
In response to Webnoob

Does the device have multiple WAN interfaces in use?

Advanced Settings wise we have two parameters with 20-second values.

One for back connections the other for SNX keepalives.

CCSM R77/R80/ELITE
0 Kudos
Webnoob
Explorer
‎2025-07-29 06:57 AM
In response to Chris_Atkinson

No only one WAN interface and only one user with the issue

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events