Discover the Future of Cyber Security:
What’s New in Check Point’s Quantum R82
Pick the Best of the Best of
CheckMates 2024!
Share your Cyber Security Insights
On-Stage at CPX 2025
Simplifying Zero Trust Security
with Infinity Identity!
Zero Trust Implementation
Help us with the Short-Term Roadmap
CheckMates Go:
What's New in R82
The VPN is going down because certificates are used for IKE Phase 1 authentication; when a rekey occurs the CRL must be retrieved from the SMS/MDS to ensure the certificate has not been revoked. There is a cache for the CRL on the gateways that will help if the SMS/MDS is down for a short period, but if it is down long enough the cached CRL entries will expire and the VPN breaks at the next rekey.
You can extend the CRL cache timeout or even disable the CRL checking completely as described here:
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
