JackPrendergast
Collaborator

VPN Phase 2 issues / Tunnel Per Subnet (invalid ID info)

Hi all,

Having difficulty working out how to proceed with this particular VPN setup.

This is between an 1800 device running R80.20.30 and a 3rd party non-Check Point.

Phase 1 has no issues.

Phase 2 fails on 'invalid ID information'.

When the 3rd party offers me 1 subnet only, and I change the remote encryption domain to that 1 subnet, the tunnel comes up instantly.

When he offers more than 1 subnet, and equally I put these subnets in the enc domain, the tunnel fails with the error above.

I believe if this was centrally managed/full Gaia, the solution would be to tick 'one VPN tunnel per subnet pair'.

I can't find such an option on Gaia Embedded.

I also tried to create multiple VPN sites with a single subnet in each site, but you can't have multiple VPN sites with the same remote peer IP!!!

Anyone?


Accepted Solutions
PhoneBoy
Admin
JackPrendergast
Collaborator

Well played PhoneBoy.

Great spot. Thank you!
