Advisor

AWS VPN Setup

Hi All,

 

We have set up a new VPN from Checkpoint R80.10 to AWS. We are getting the below message in the tracker, though the packet is being accepted.

Firewall - Protocol violation detected with protocol:(IKE-UDP), matched protocol sig_id:(4), violation sig_id:(13). (500)

I have created the new UDP IKE service with Protocol signature enabled and allowed access to the peer, but it is still the same. May I know what could be the reason?

Thanks in Advance.

0 Kudos
3 Replies
Admin

Wouldn't you want the protocol signature not set, since that seems to be the issue?
That said, we should fix the protocol signature, which means some packet traces and a TAC case are in order.
0 Kudos
Advisor

So a TAC case is a must, you say? I have never enabled protocol signature for any other AWS VPN to date. And for this one I enabled and implemented it, though the issue persists.
0 Kudos
Admin

In your original post, you said: "I have created the new UDP IKE service with Protocol signature enabled"
I just checked the original definition of IKE, and it does not have Protocol Signature enabled.
I can't think of any reason why you should enable this, either.

In any case, I would consult with the TAC as this is clearly not expected behavior.
0 Kudos