Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
234
Views
0
Helpful
1
Replies

Troubleshooting PIX 501/Checkpoint tunnel

shitching
Level 1
Level 1

‎02-10-2005 01:48 AM - edited ‎02-20-2020 11:55 PM

We have a Checkpoint NG FP2 firewall with several VPN tunnels coming into it, all work fine except for two, which connect to PIX 501s.

All seems to work OK, however after a period of inactivity (normally overnight) they are unable to access HTTP through the tunnel. Other applications (Lotus, remote control etc) appear to be OK, only web traffic seems to be affected.

I'm finding very little information to help me troubleshoot the problem.

If anyone could suggest some good sources of information (yes, I’ve checked Cisco’s online documentation and searched TAC! :) I would be grateful. Any handy commands to help me see what’s going on would also be appreciated.

A few more details:

Running PIX IOS 6.3(1)

All traffic is routed through the tunnel, no other routing or tunnels are defined.

We’re using 3DES, SHA1, DH 2.

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎02-10-2005 07:42 PM

First thing I'd suggest is upgrade to 6.3(4), there was some IPsec bugs to do with keepalives in 6.3(1) so that's probably you're problem.

PIX code is available here:

http://www.cisco.com/cgi-bin/tablebuild.pl/pix

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card