We have some working tunnels between a Checkpoint box and a Cisco ASA. However despite this we are still seeing lots of errors for:
Rejecting Ipsec Tunnel: no matching crypto map
QM FSM error
Removing peer from correlator table failed, no match!
These all show a source address of the Checkpoint peer. This is despite phase 1 and phase 2 being established already and communication occuring properly.
Is there something that the Checkpoint unit does (tunnel check traffic for example) that is causing these errors?