Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sandra_Suarez
Participant

VPN routing

Hi,

***********************
ENVIRONMENT

VPN COMMUNITY TYPE: Star
CENTER GW: CheckPoint R80.10 (appliances 5900) (manage our customer)
SATELLITE GW: Cisco (manage external 1)
SATELLITE GW: Fortinet (manage external 2)
SATELLITE GW: Cisco ASA (manage external 3)
SATELLITE GW: Checkpoint (manage external 4)

**************************
TRAFFIC FLOW

SATELLITE GW from external 2, 3 y 4 needs to contact to SATELLITE GW external 1, the traffic must always pass through CENTER GW.

*************************
CONFIGURATION

Each SATELLITE (2,3,4) arrive to CENTER GW with a follow IP address
customer 2 --> 10.10.10.10
customer 3 --> 10.10.10.15
customer 4 --> 10.10.10.20
they try to connect to 172.25.107.193 (host behid SATELLITE GW: Cisco (manage external 1))

When
Host 10.10.10.10-SATELLITE GW: Fortinet (manage external 2) AND host10.10.10.20-SATELLITE GW: Checkpoint (manage external 4) did the telnet connection to 172.25.107.193-SATELLITE GW: Cisco (manage external 1) EVERITHING WORKS FINE

When
Host 10.10.10.15-SATELLITE GW: Cisco (manage external 3) did the telnet connection to 172.25.107.193-SATELLITE GW: Cisco (manage external 1) DOES NOT OPEN

******************************
LOGS
1. When the traffic works fine between satellites the log traffic show action VPN Routig
2. When the traffic does no work the log traffci show action DECRIPT (never show VPN Routing)

*******************
QUESTION

1. How can we check by CLI the routes created by VPN Routing from Start COmmunity
2. Could you explain us how is the orden in a VPN routing
First decript
Second Nat
Third Encript
3. Do you know how other troubleshooting could we run?

3 Replies
This widget could not be displayed.