VPN Problems - VPN 3000 Concentrator to Check Point NGX R62

sebastian.pobeda · ‎09-21-2010

Hello,

I'm having problems to successfully establish a VPN connection with a Check Point NGX R62. I´m attaching my configuration (Config.doc)

The Remote Site have 2 networks (172.16.131.0/25 and 172.17.131.0/24).

From my VPN Concentrator can to reach the host on both networks, but from the other device not.

The remote Site are receiving my ping, but the icmp replay is not return.

I configure the RSPAN in my switch to sniffer the traffic in the switch ports where the von concetrator is connected but i cant seen nothung.

In the VPN Concentrator Event Log i can see the followings events:

Group [Public IP - Remote Site]Duplicate Phase 2 packet detected. Retransmitting last packet.
Group [Public IP - Remote Site]Duplicate Phase 2 packet detected. Retransmitting last packet.
Group [Public IP - Remote Site]Terminating tunnel to Hardware Client in network extension mode deleting static route for address: 172.16.131.0

mask: 255.255.255.128
Group [Public IP - Remote Site]IKE Initiator: Rekeying Phase 1 Intf 2 IKE Peer "Public IP - Remote Site" local Proxy Address N/A remote Proxy Address N/A SA (N/A).

Thaks for your helps !

mvsheik123 · ‎09-21-2010

no config attached.. ;-).

sebastian.pobeda · ‎09-21-2010

Sorry, I attach the file Config.Doc again.

mvsheik123 · ‎09-24-2010

Hello,

er my understanding from your priginal posting, the issues is reaching ouit your location from Checkpoint end. Make sure all the ACL/allowed network porperly configured on Checkpoint. Also, per logs looks like the the 'tunnel' getting terminated. Can you make sure, you have continuous connectivity to other side from VPN conc?

Thanks

MS