Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
gajendra229
Explorer

issues lie with the tunnels that have a VPN routing hop in between 2 sites

Direct tunnels are up, and issues lie with the tunnels that have a VPN routing hop through a 'center' gateway.  the tunnels that have a VPN routing hop through a 'center' gateway.

Let say '

Tunnel between 

A&B VTI

B&C VTI

B in centre to A & C

I can not communicate between A & C.. does it need any extra configuration apart from routing 

 
0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend

Did you configure a star VPN community and On the VPN Routing page, Enable VPN routing for satellites as explained here: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SitetoSiteVPN_AdminGuide/Con... ?

Also check Encryption Domain config: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SitetoSiteVPN_AdminGuide/Con...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend

Please ensure below option is configured properly. Link @G_W_Albrecht refers to it

Andy

 

I am fairly sure in your case, 2nd option is what you need

 

Screenshot_1.png

 Below is the explanation:

 

Screenshot_2.png

0 Kudos
gajendra229
Explorer

I have those devices in Mesh and Route based vpn configured between them

A&B in mesh and B&C in mesh  , mean all in mesh not Star,center

A& C is not directly connected , A has to go to C through B only 

between A&C there is no tunnel

0 Kudos
the_rock
Legend
Legend

I would do basic vpn debug and see what gives.

vpn debug on

von debug ikeon

henerate traffic

vpn debug ikeoff

Check ike.elg and vpnd.elg* files in $FWDIR/log dir

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events