
VPN between Fortinet and Checkpoint - when using NAT, some packets go the wrong way from time to time


Maybe someone can give me a hint to disenchant the magic situation:

I have to connect a Fortigate 200B Firewall (our datacenter) with a Checkpoint 1590 Appliance (branch office) using IPsec VPN. The Checkpoint firewall has to deal with NAT. For easy management in the test environment I have connected the Checkpoint over a management VLAN on interface LAN1. Management will be done with MDS version 80.40.
The VPN terminates on its own interface at LAN4.
I configured the VPN and it works as long as I do not use NAT on the Checkpoint.

When I use NAT, then sometimes packets don't take the path over the tunnel. From time to time they don't use the NAT rules and take the path over the management interface. I checked it by running a ping from the branch test client. When the packets took the wrong path I checked the VPN tunnels, but they seemed to be active (checked on the Fortigate and on the Checkpoint side with the command "vpn tu"). Also the log from 'vpn debug ikeon' shows no problem from my point of view.
When I switch the configuration back and no NAT is used at the branch site, then everything is fine. The connection is stable and all packets for the VPN use it.

At first glance it looks like the VPN has collapsed. But why do the Fortigate and the 'vpn tu' command show the tunnel as active? Or am I not fast enough and the tunnel is restored quickly? Are 'vpn debug ...' and 'vpn tu' the only options on the Checkpoint side to check the VPN tunnel status?

Thanks, Michael


A network diagram would be helpful to understand the packet flow here, both the need for NAT and the different packet flows.
In terms of seeing if a VPN tunnel is up, those are two ways to do it.
You can also look at the relevant kernel tables (don't remember the names offhand) or monitor with SNMP.

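One way to settle the question raised in the thread (is the tunnel briefly down, or are packets bypassing an active tunnel?) is to poll tunnel state on the gateway while pinging from the branch client and correlate the two logs. The script below is an added example, not from the original post or from Check Point; the ping and tunnel-state samples are constructed inline, and the tunnel states are assumed to come from a periodic `vpn tu` poll as mentioned above.

```python
from datetime import datetime

# Constructed sample data (not captured from the poster's environment).
# PING_LOG: (timestamp, reply received?) from the branch test client.
PING_LOG = [
    ("10:00:00", True), ("10:00:01", True), ("10:00:02", False),
    ("10:00:03", False), ("10:00:04", True), ("10:00:10", False),
]
# TUNNEL_LOG: (timestamp, state) sampled on the gateway, e.g. by polling vpn tu.
TUNNEL_LOG = [("10:00:00", "up"), ("10:00:02", "down"), ("10:00:04", "up")]


def parse(ts):
    """Parse an HH:MM:SS sample timestamp."""
    return datetime.strptime(ts, "%H:%M:%S")


def tunnel_state_at(t, tunnel_log):
    """Return the last tunnel state sampled at or before t ('unknown' if none).
    tunnel_log must be sorted by time."""
    state = "unknown"
    for ts, s in tunnel_log:
        if parse(ts) <= t:
            state = s
        else:
            break
    return state


def classify_losses(ping_log, tunnel_log):
    """Split lost pings into those that coincide with a tunnel-down sample
    (tunnel flap) and those seen while the tunnel was reported up, which
    points at NAT/routing sending traffic around the tunnel instead."""
    during_down, while_up = [], []
    for ts, ok in ping_log:
        if ok:
            continue
        state = tunnel_state_at(parse(ts), tunnel_log)
        (during_down if state == "down" else while_up).append(ts)
    return {"lost_while_tunnel_down": during_down,
            "lost_while_tunnel_up": while_up}


if __name__ == "__main__":
    for key, times in classify_losses(PING_LOG, TUNNEL_LOG).items():
        print(f"{key}: {times}")
```

Losses that land in the "tunnel up" bucket are the ones worth chasing in the NAT rulebase and routing rather than in IKE.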

