I checked the firewall's logs and can see UDP 4500 being sent, but the controller doesn't get that far when I check the controller's logs.

Does anyone know if there's something different you need to do when the controller is behind a firewall with NAT? Is this checkpoint being funny? (I enabled any port on the rule to see and it still has the same behaviour). It negotiates UDP 500; the next part of this VPN should then be UDP 4500, but the controller never sees that phase. I can see traffic coming through, but when the controller starts to negotiate the traffic through UDP 4500 it fails and does not progress to this stage. The checkpoint firewall is set to allow UDP & TCP 500/4500 - so should be all the IKE ports. This is having traffic hit the public IP; Checkpoint NATs this to an internal address which the controller has. Check SmartView Tracker, to see if Main mode and/or Quick mode are failing. Try switching to a pre-shared secret (although less secure, a pre-shared secret will bring up the tunnel, until the issue is resolved by Check Point Technical Support). Setting up a remote VPN solution using a 7210 controller (working to Clearpass).

For security reasons, I have placed the controller behind a firewall. Try using the latest available VPN client, which can be found on the Remote Access (VPN) Clients page.