We are having a very strange behaviour when trying to expand the network list of an IPsec policy-based VPN to a Checkpoint firewall.
We have 5 networks on the Local Subnet Sophos side of the VPN and 19 networks on the Remote Subnets Checkpoint side.
If we add another network on the Remote Subnet list (that has already been configured into the Checkpoint VPN configuration) the entire IPsec goes haywire.
No stable connection is being created. The routings for the subnets are created and disconnected continuously.
The entire IPsec connection becomes unstable.
It cannot be stopped but remains stuck. Only restarting the entire VPN service through console brings it down.
In case there was a problem with this particular network, we tried inserting a fictional network into the remote list. It resulted in the exact same behaviour.
We also deleted the entire IPsec configuration and recreated it from scratch. Same problem. The moment we add this network (any other network) things go haywire.
P.S. Establishing a routing-based IPsec (which would solve all the problems) is not an option as the Checkpoint administrator won't have it.