pankajagr83
Explorer

Checkpoint IPsec VPN to 3rd party firewall phase 2 dpd issue

Hi ,

We have built an IPsec tunnel between Check Point and Fortinet. At the Check Point end, the cluster IP address (public IP) is forming two tunnels with two different Fortinet firewalls. At the Check Point end we have enabled MEP, as R80.40 is installed.

Tunnel 1 is working fine. Tunnel 2 phase two is going down. When the primary is shut down, the secondary tunnel comes up only after manually bouncing the tunnel at the Fortinet end.

What is the issue?

0 Kudos
1 Reply
the_rock
Mentor

Question... can you see what it shows on the CP side when this happens? Any specific log or error? What about the ike.elg file? You can get one by doing vpn debug ikeon on the firewall, then replicating the issue, then vpn debug ikeoff, and looking for ike.elg in the $FWDIR/log directory.

On FortiGate, try the below:

di de di

di de reset

di de application ike -1

di de enable

and watch for the output

I think I can help you on a remote session if you like.

Andy

0 Kudos