- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Ok.
So i would check ikev2.xmll file on the gw while 'vpn debug trunc ALL=5' is on. And you use ikev2.
Look under the relevant peer under authentication.
The type should be IPV4_ADDR usually (where at the screenshot it says KEY_ID)
Then at the data see the actual ID sent. And weather it's indeed 0.0.0.0 or not.
If it is 0.0.0.0 you have something to show to TAC to investigate, or just consider change to FQDN as mentioned.
If its other valid value. Then it means you don't send 0.0.0.0 as ID. And i would ask PAN side for the proof of ike packet coming with 0.0
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
