Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
AfterMath
Collaborator

SMB VPN SITE TO SITE

Hi Guys!

Could you please give help about configuring vpn site to site .... im having a problem in comunication, can not ping or talk each other!

But the tunnel is active/up

 

SMB 1600Series and 700Series appliance. R80 & R70


0 Kudos
9 Replies
PhoneBoy
Admin
Admin

We need a lot more information about the configuration and troubleshooting done in order to assist here.
Meanwhile, review: https://support.checkpoint.com/results/sk/sk112213 

0 Kudos
AfterMath
Collaborator

Thanks for your feedback @phonethit 

The Site to Site VPN is based on static public Ip address between the two SMB appliances ( 1600 & 750 ) 

 
 

These were the configuration between the two sides!

Cap.PNG

Encryption default;

Cap.PNG

 Advanced  ( permanent link enabled; Certificate any trust )

Cap.PNG

 Practically these were the steps! Some times the link is Up but not working, no ping, nothing!

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Engage with TAC in a quick Chat to get this resolved asap !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
AfterMath
Collaborator

Thanks for your feedback @G_W_Albrecht 

0 Kudos
Tom_Hinoue
Advisor
Advisor

Wow the CP750 WEB UI looks very old which I think the firmware is possibly older than R77.20.51.

Have you tried upgrading the firmware to R77.20.87 latest build for CP750?
I know there are tons of fixes for VPN since < R77.20.51 that might help resolve your issue, compatibility as well.

Also be sure to use the latest version for CP1600 as possible 🙂

0 Kudos
AfterMath
Collaborator

Thanks for your feedback @PhoneBoy  

The Site to Site VPN is based on static public Ip address between the two SMB appliances ( 1600 & 750 ) 

 
 

These were the configuration between the two sides!

AfterMath_0-1687201726318.png

 



Encryption default;

AfterMath_1-1687201726131.png

 

 Advanced  ( permanent link enabled; Certificate any trust )

AfterMath_2-1687201726555.png

 

 Practically these were the steps! Some times the link is Up but not working, no ping, nothing!

0 Kudos
AfterMath
Collaborator

@PhoneBoy  @G_W_Albrecht The license in one side isfor a while a trial, is that a problem!?

cplic.png

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Should work.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
AfterMath
Collaborator

Hi Guys!

I reinitialize the VPN certificates on booth sides, exported the certificates an import/add them on trusted VPN certificates ( Site A on Site B and Site B on Site A ), and installed them in Certificate Matching on advanced mode of each Site..

 

Site A to Site B the tunnel is up and working....

ATunnel.png
Here i have from Site A, the name and the peer address...

 

Site B to Site A the tunnel is up and IS NOT working...

bluetunnel.png

Here i have from Nothing (Blank), Site name and peer address...



The issues is that the Site B is not communicating with Site A..!

 
 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events