I ran into a production outage due to this very same issue last week. It would be great if Check Point could get this resolved. Fingers crossed for R82, since a lot of VPN work is being done in that version. This is the guidance I've been given for this issue:
1. Reset tunnel from SmartView Monitor GUI
2. Reset tunnel from "vpn tu" CLI
3. Implement the following SAM blocks:
   - Traffic where the source is the Check Point public IP and the destination is the peer gateway IP;
   - Traffic where the source is the peer gateway IP and the destination is the Check Point public IP;
   - Traffic where the source is the subnet behind the Check Point and the destination is the subnet behind the peer gateway;
   - Traffic where the source is the subnet behind the peer gateway and the destination is the subnet behind the Check Point.
The SAM rules would be the last option when #1/2 fail.