Sanjay_S
Advisor

AWS VPN Setup

Hi All,

We have set up a new VPN from Checkpoint R80.10 to AWS. We are getting the below message in tracker though the packet is being accepted.

Firewall - Protocol violation detected with protocol:(IKE-UDP), matched protocol sig_id:(4), violation sig_id:(13). (500)

I have created the new UDP IKE service with Protocol signature enabled and allowed the access to the peer, but it is still the same. May I know what could be the reason?

Thanks in Advance.

0 Kudos
3 Replies
PhoneBoy
Admin

Wouldn't you want the protocol signature not set, since that seems to be the issue?
That said, we should fix the protocol signature, which means some packet traces and a TAC case are in order.
0 Kudos
Sanjay_S
Advisor

So a TAC case is a must, you say? Never enabled protocol signature for any other AWS VPN till date. And for this I enabled and implemented it, though the issue persists.
0 Kudos
PhoneBoy
Admin

In your original post, you said: "I have created the new UDP IKE service with Protocol signature enabled"
I just checked the original definition of IKE, and it does not have Protocol Signature enabled.
I can't think of any reason why you should enable this, either.

In any case, I would consult with the TAC as this is clearly not expected behavior.
0 Kudos
