VPN to CheckPoint unstable, showing multiple IKE and IPSEC SA's for one policy


someone had this problem.

I have one VPN between Check Point R80.40 and Aruba..

The symptoms are .. duplicate IKE phase 1 in the Checkpoint and some times VPN goes down.

Duplicate IKE Phase 1 isn't exactly a problem depending on the precise configuration.
In any case, you'd probably need to debug the issue further: 

Never really set up tunnel between CP and Aruba personally, but can ask one of my colleagues who is really good with Aruba to see if there are any known settings/issues to be aware off. Did the tunnel ever work right or you had problem since the beginning? As @PhoneBoy said, debugging this is a really good idea on CP side.

This is what I usually do, super easy process...on CP fw, rune below commands from expert mode:

vpn debug trunc

vpn degug ikeon

generate some traffic

vpn debug ikeoff

Get vpnd.elg file, as well as ike,elg from %FWDIR/log

Use ikeview utility (free to download off google) to examine ike.elg file and look for the entry for Aruba public IP in there and see whats happening. Also, vpnd.elg can give some insights as well.

