Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Casey
Explorer

IKE failure - no response from peer

Hi there, 

I would like create IPsec from checkpoint  to transit gateway, but I got following error msg 'IKE failure' and 'no response from peer'. (please see the screenshot) 

I would really appreciate if someone can help me with this issue. 

Thanks a lot.

Casey

 

 

 

 

 

0 Kudos
5 Replies
_Val_
Admin
Admin

Look here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

There are multiple scenarios, some troubleshooting is required. Follow the SK guidance.

0 Kudos
Vincent_Bacher
Advisor
Advisor

From my perspective and my experience, best next step when facing this message is to consult logs of the peer gateway and perform debug on the peer as well.
In most cases i had there was a mismatch between Phase1 or Phase2 config of the participating gateways and when facing this message i usually find something useful on "the other side"

Cheers
Vincent

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
Abi
Participant

Hi Casey,

how do you resolved this : IKE failure - no response from peer ?

I have similar issue. On my case , it not a routing issue.

0 Kudos
simoneciotti
Explorer

I solved it by changing the VPN Tunnel Sharing from subnet pair to each pair for host in the Tunnel Management

0 Kudos
Lesther_Reyes
Participant

In my case it happened to me with a Cisco router, the problem was in an ACL on the remote peer, associated with the interface as INBOUND match condition, where the esp 500 udp port was being permit, but it blocked the nat-t 4500 udp and the VPN was armed with NAT-T

We made rules to accept that port but still nothing. Just leaving a rule on the Cisco router like "permit ip any any" everything work.

In your case I see reject...... with checkpoint.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events