Hello,
i have an issue with a IPsec Site2Site VPN between a Checkpoint R65 Firewall (Gateway_1) and an ASG 220 v8 (Gateway_2).
Following Configuration:
Policy on both Appliances
IKE Settings: AES 256 / SHA1 / Group 2: MODP 1024 Lifetime: 86400 seconds
IPSec Settings: AES 128 / MD5 / Group 2: MODP 1024 Lifetime: 3600 seconds
Propertys on the ASG:
Remote Gateway:
Gateway Type: Initiate Connection
Gateway: IP of Gateway_1
Authentication type: Preshared key
VPN ID type: IP-Adress
Remote Networks: WAN Adress of Gateway_1 and local Network of Gateway_1
Connections:
Local Interface: WAN
Local Networks: WAN Adress of Gateway_2 and local Network of Gateway_2
AutoPacketfilter is ON
Strict Routing is OFF
The Checkpointfirewall have the same configuration and on the ASG 4 of 4 SA's were established. But now i can't send any traffic trough the tunnel. In the LiveLog i found following errors:
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3518: Peer ID is ID_IPV4_ADDR: 'WAN_IP_Gateway_1'
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3518: ISAKMP SA established
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3519: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#3518}
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3520: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#3518}
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3521: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#3518}
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3522: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#3518}
2011:08:19-08:27:17 astaro pluto[6676]: "S_STR2HH" #3519: sent QI2, IPsec SA established {ESP=>0x847c0a6e 0x058527d4 0xc91c9aa3 0xa021a574
I hope that anyone can help me.
Thanks,
meifi
This thread was automatically locked due to age.
