Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sanjay_S
Advisor

VPN Stability Issue

Hi All,

We have a VPN tunnel between R80.10 to R65 Checkpoint devices. The VPN is not stable, we ran the debug during the issue and found that the R65 device is Deleting the Negotiation for Phase 1 at first few times and then it accepts and create the SA.

NegotiationTable::NegotiationUpdated: Updating indices for: 
NegotiationTable::DeleteNegotiation: Invoked for:

>The debug logs from R80.10 says the below:

NegotiationTable::MatchPeerMethodsIDs: No match found.
NegotiationTable::MatchPeerP1Neg: No match found.
 
However, after few negotiation it will come up automatically. Is there any know limitations in R65?
 
Thanks in Advance.
4 Replies
Chris_Atkinson
Employee Employee
Employee

R65 has been end of support for a number of years. Is this a gateway managed by a 3rd party?
CCSM R77/R80/ELITE
0 Kudos
Sanjay_S
Advisor

Hi Chris,

Gateway is managed by the 3rd party.
PhoneBoy
Admin
Admin

R80.10 supports more encryption methods than R65.
Assuming the VPN community settings match on both ends it should still work.
That said R65 has been End of Support for years now.
0 Kudos
FedericoMeiners
Advisor

Do you have various Phase1/Phase2 settings to negotiate? If yes then ask the peer to send you which Encryption and validation algorithms they have and select only one for each in both sides.
____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events