This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
Legend Legend
Legend
‎2021-08-13 11:44 AM
In response to Exonix

Sigh please read my prior post again...

Yes the Cisco one still works because Cisco is less strict about the subnets/Proxy-IDs it will accept unlike Fortinet/Sonicwall/Juniper and doesn't need user.def* modifications to work typically.

Everything else you mentioned in your last reply (One VPN tunnel per subnet pair, ike_p2_enable_supernet_from_R80.20) is not relevant to the contents of the $FWDIR/conf/user.def.FW1 which will override all that.  Find the $FWDIR/conf/user.def.FW1 file on your original R77.30 SMS (not the upgraded R80.40 one) and I can *guarantee* you have subnet_for_range_and_peer directives in there.  Those directives need to be placed in the $FWDIR/conf/user.def.R77CMP file on your upgraded R80.40 SMS, and then reinstall policy to your gateways.  Full stop.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

View solution in original post

(1)
Who rated this post