site-to-site VPN intermittent problem (IOS to Checkpoint NG AI)
My site-to-site VPN between IOS 12.4(4)T1 and Checkpoint NG AI55 is have intermittent problem. I am using preshare key, 3DES/SHA for both phase 1 and 2, even have PFS turned off (for troublshooting), tunnel mode.
At random, the tunnel stops forwarding traffic. I am unable to reproduce problem consinstently. The IPSec SA are still in tact when problem happens. Had to "shut" one of the peer interface in order to clear out the IPSec SA forcing a complete renegotataion. That seems to solve the problem until the next random occurance.
Have anyone seen this problem? Any input would be appreciated. Thanks!!
Re: site-to-site VPN intermittent problem (IOS to Checkpoint NG
Isakmp keepalive would be the next thing I try. Do you know if the Cisco isakmp keepalive is compatible with Checkpoint keepalive protocol? I was told that the Checkpoint keepalive protocol is proprietary. Thanks!
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...