Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSEC VPN between Checkpoint & Cisco

Hi all

I've established a VPN between our Checkpoint FW and a customer's Cisco Router.

Out Checkpoint FW shows no errors in the logs but the customer is reporting that their Cisco router is filling up with the following message:

%CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 195.75.x.x

IPSEC(validate_transform_proposal): no IPSEC cryptomap exists for local address x.x.x.x

We've checked the parameters again and again and can't see anything wrong on either side yet problem persists. Any ideas?

Thanks

1 REPLY
New Member

Re: IPSEC VPN between Checkpoint & Cisco

Hi,

Are you able to post some more info such as the config on either sides (without sensitive info). It would also be useful if you could do a "show crypto isakmp sa" and "show crypto ipsec sa" on the cisco device. May be worth capturing some debugging too.

Is there any NAT going on between the two devices? Or do the external interfaces of both have public IP addresses.

Thanks

363
Views
0
Helpful
1
Replies