
Phase 2 not working in the IPsec tunnel

Question asked by Brianpiraty Alexi on May 14, 2018
Latest reply on Jun 8, 2018 by Houssameddine Zeghlache

We have multiple subnets in the local encryption domain (Check Point firewall), and only one subnet for the remote peer encryption domain. The remote peer is a non-Check Point device.

Once we have initiated the ping from the central gateway to the remote gateway, I see that Phase 1 is up.

Phase 2 is not. The ike.elg file shows that for P1 (main mode), all 6 packets are good.

For P2 (quick mode), the first packet itself (QM packet 1) failed. In the QM packet I see the IP address of the central gateway and the remote peer.

When I initiate a ping from the device behind the firewall, though the IP is listed in the subnet, it is not encrypted.

What could be wrong in the configuration?
