Configuration Type:

Site-Site VPN between ASA-5510 (version 8) and Checkpoint firewall

I've gotten layer 1 up and running, however, layer 2 is having problems. I've checked over settings 4 times and it all seems correct, my problem seems to be that it is encrypting traffic but not decrypting.

CFIP-5510ASA-Primary# show crypto ipsec sa

interface: outside

Crypto map tag: vpnmap, seq num: 10, local addr: 67.200.39.10

access-list planet2ndfirewall permit ip 10.0.20.0 255.255.255.0 192.168.30.0 255.255.255.0

local ident (addr/mask/prot/port): (10.0.20.0/255.255.255.0/0/0)

remote ident (addr/mask/prot/port): (192.168.30.0/255.255.255.0/0/0)

current_peer: 209.62.74.253

#pkts encaps: 4, #pkts encrypt: 4, #pkts digest: 4

#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 4, #pkts comp failed: 0, #pkts decomp failed: 0

#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0

#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0

#send errors: 0, #recv errors: 0

local crypto endpt.: 67.200.39.10, remote crypto endpt.: 209.62.74.253

path mtu 1500, ipsec overhead 58, media mtu 1500

current outbound spi: 4BBBF828a

Thanks