I am trying to create a externally managed check point gateway obejct.
I am getting the bellow error message.
What to do to fix this?
This simply tells you that you have to create another CA object and import its certificate in to your SMS.
Get the CA cert from remote site that is issued certificate to the externally managed GW and add this object before configuring the Externally Managed Gateway:
1. Get admin of the Externally Managed Gateway to export their CA cert by:
and sending it to you.
2. Create a "Trusted CA" object in your SMS:
And then proceed to create the Externally Managed Gateway object.
I have done that, still the same problem.
The deviation I have done is on step 1, as I do not have that on my 1430 Appliance.(R77.20.31) m On that one I am going to in the web interface then to VPN --> Internal Certificate --> Export Internal CA Certificate and then download the crt file that i import in step 2 above.
Have you performed the CA import on the other side?
Please see How to configure Site-to-Site VPN between a Locally Managed 600 / 1100 appliance and a Security Gateway "Site-to-Site VPN between a Locally Managed 600 / 1100 appliance with Dynamic IP address (DAIP) and a Security Gateway".
Retrieving data ...