AnsweredAssumed Answered

Unstable VPN with AWS

Question asked by Sander Zumbrink on Feb 1, 2019
Latest reply on Feb 1, 2019 by Sander Zumbrink

Hello,

 

We are busy with setting up VPN's between AWS and Check Point onpremise ClusterXL setup.

We are using BGP for dynamic routing between both environments.

We followed the instructions from AWS and Check Point SK exactly.

 

The setup works, traffic is going from AWS to the customer and back.

But...

 

The VPN tunnel is really unstable. We see a lot of disconnects with BGP.

Almost all the issues are related to the key install with phase 1 and next the phase 2.

It looks like AWS is sending me deletes for the keys.

The Check Point is starting new main mode for phase 1.

And packets arive from AWS with invalid SA.

 

I already have a ticket with Check Point support, but no solution yet.

So I'm asking here if there are other experts had these issues.

And how to solve it...

Outcomes