This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Casey
Explorer
‎2020-02-24 08:17 PM

IKE failure - no response from peer

Hi there, 

I would like create IPsec from checkpoint  to transit gateway, but I got following error msg 'IKE failure' and 'no response from peer'. (please see the screenshot) 

I would really appreciate if someone can help me with this issue. 

Thanks a lot.

Casey

 

 

 

 

 

0 Kudos
5 Replies
_Val_
Admin
Admin
‎2020-02-24 11:52 PM

Look here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

There are multiple scenarios, some troubleshooting is required. Follow the SK guidance.

0 Kudos
Vincent_Bacher
Advisor
Advisor
‎2020-02-25 12:18 AM

From my perspective and my experience, best next step when facing this message is to consult logs of the peer gateway and perform debug on the peer as well.
In most cases i had there was a mismatch between Phase1 or Phase2 config of the participating gateways and when facing this message i usually find something useful on "the other side"

Cheers
Vincent

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
Abi
Participant
‎2022-10-04 03:02 PM

Hi Casey,

how do you resolved this : IKE failure - no response from peer ?

I have similar issue. On my case , it not a routing issue.

0 Kudos
simoneciotti
Explorer
‎2024-02-02 03:28 AM
In response to Abi

I solved it by changing the VPN Tunnel Sharing from subnet pair to each pair for host in the Tunnel Management

0 Kudos
Lesther_Reyes
Participant
‎2024-03-12 11:27 AM

In my case it happened to me with a Cisco router, the problem was in an ACL on the remote peer, associated with the interface as INBOUND match condition, where the esp 500 udp port was being permit, but it blocked the nat-t 4500 udp and the VPN was armed with NAT-T

We made rules to accept that port but still nothing. Just leaving a rule on the Cisco router like "permit ip any any" everything work.

In your case I see reject...... with checkpoint.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top