IP SEC VPN - Problem with tunnel IP - Page 2

May the 4th (+4)
Roadmap Session and Use Cases for
Cloud Security, SASE, and Email Security

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

Paradigm Shifts: Adventures Unleashed!
Capture Your Adventure for a Chance to WIN!

Join the Photo Contest!

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

CPX 2024 Content
is Here!

Get What You Need

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Create a Post

I have an ipsec vpn between a Fortinet firewall (Fortigate 100D version 6.2.10) and a Check Point firewall (version R81.10)
The problem I am having is the following:

In phase 2 the firewalls negotiate subnets 172.17.1.0/24 (Check Point side) and 172.17.2.0/24 (Fortigate side). Phase 2 goes up correctly and when calls are made from the Fortigate the connection is successful.

On the other hand, when the connection is initialized by Check Point even though tunnel 172.17.1.0/24 172.17.2.0/24 has been negotiated, Check Point tries to negotiate a new tunnel with the specific IP of the client that is trying the connection. The tunnel is rejected by Fortigate as it is not the one agreed upon and from the logs I receive the no response from peer error.

Is there a setting on the Check Point to eliminate this problem ?

Thanks