Hi Checkmates,
I am facing a problem with a Site-to-Site VPN with AWS and I would like your help.
I have established a Site-to-Site VPN with AWS and I have 2 Satellite Gateways acting as Primary - Backup.
The problem is that the VPN connectivity is continuously dropping, and AWS told us that my Checkpoint Gateway is sending a delete for the IPsec Phase 2 SAs. This also happens just after a successful Phase 1 renegotiation. When AWS receives a request to delete the SA, the request is honored. The tunnel is restored after the CGW eventually sends a request to negotiate Phase 2.
I have already looked through all the vpnd logs and ike.elg, but I am not seeing anything that could help me.
Do you know if Checkpoint can cause this problem because it is trying to send the traffic to both tunnels at the same time?
Do you know how Checkpoint handles the traffic selection when you have two remote peers inside the same Site-to-Site VPN with the same encryption domain?
Thank you!