VPN Concentrator Lan-Lan Established but no traffic flow

Unanswered Question
Mar 28th, 2007


I have a VPN Lan-Lan from My Con to ChkPoint NG. The live log shows Phase 2 Established but there is no Ping response from My Site to the Remote site.

To brief up, my Con is sitting in the DMZ.

DMZ 1 is the outside of the Con.

DMZ 2 is the inside of the Con.

Routing is done and I can see a Hit count increase on the ACL's in the pix when I try to reach the other end.

I also can see the TX increasing when I initiate a connection, and the RX increases when the remote site initiates a connection. But nothings working in between.

Any one faced such a dead end, please advise. Routing in the Con for the tunnle is to the inside.


Tauseef Ahmed.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ggilbert Thu, 03/29/2007 - 05:59


When the VPN concentrator is connected, If you go to Administration|Administer sessions and choose the session that is created for Lan to Lan, do you see an IPSec Session created for your local and remote host?

If so, can you please let me know what is the Bytes received and Bytes transmitted count?



tauseef Thu, 03/29/2007 - 08:22

Hi Gilbert,

Yes it does show an IPSEC connection.

The IPSEC TX is 20309 and keeps incresing when I initiate a ping.

The IPSEC RX is 667 and this does not increase when I initiate a ping,

rather increases when the remote site initiates a ping to my local


Also the Access List on the Pix show an increase in the access-list

hit count as such am sure the packet is going out, but going out

where as the remote end Chk-NG log shows not receipt of any traffic

from my end.

I know I am not helping much, but if you would wish you I could give

more dumps in form of screen shots if I could reach you via email.

Tauseef Ahmed.

[email protected]


This Discussion