Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tsukasa
Participant

Site-to-Site VPN Fail(Checkpoint 1500 series and Fortigate)

Hello everyone.

 

I am tring to connect site-to-site VPN with Checkpoint 1500 series and fortigate.

 

It seems to be established VPN tunnel and be connected to the opposite fortigate.

 

But it is impossible to reach ping each other lan .

 

There is no error message on security log of checkpoint.

 

The tunnel of the fortigate is up too.

 

How can I connect to the opposite fortigate?

0 Kudos
2 Replies
G_W_Albrecht
Legend Legend
Legend

Did you read  sk108600: VPN Site-to-Site with 3rd party ? What about Forti logs ? VPN/IKE debug shows that all VPN establishing phases are successfull? How about traffic capture ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Timothy_Hall
Legend Legend
Legend

Almost certainly a Phase 2 failure involving the Proxy-ID/subnets negotiation. VPN - Check Point and Fortigate

Have the Fortinet side initiate the interesting traffic to start the tunnel towards the Check Point, then post the Check Point VPN logs that appear.  If the Check Point is trying to initiate the tunnel the resulting logs from that will not be helpful.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events