| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Problems with IPSec VPN
Members,
I've configured an VPN between two Checkpoint Firewall-1/VPN-1 Gateways using Manual IPSec encryption. Both Firewalls are running version 4.1sp1 software with strong encryption
and they are managed from the same management station.
In the first place everything seems to work just fine. I can initiate sessions from a host in encryption domain A to an host in encryption domain B and vice versa.
But after a period of inactivity it's not possible to initiate connection from encryption domain A towards encryption domain B. The logging shows that the Gateway protecting encryption domain A is correctly encrypting the traffic, but there are no logging message showing that the gateway protecting encryption domain B is decrypting the traffic.
Even stranger is the fact that when the session is initiated from encryption domain B towards encryption domain A everything works just fine, and traffic from encryption domain A towards encryption domain B is also possible again. It's also notified in the logging of gateway B that this firewall is decrypting traffic from encryption domain A towards encryption domain B again.
Both firewall objects are configured in the same way. There are no spoofing rules dropping any traffic and if they were there the VPN wouldn't work in the first place. Both firewalls are also using the same encryption and authentication methods.
Is this a bug or has anyone some suggestions what the problem can be??
Regards, Andre van der Lans
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
