![]() ![]() ![]() This is the reaction of the WAN Checkpoint when I start a ICMP from the DC to the LAN behind the 1430 Appliance using the VPN TUNNEL The point i do not understand is, the "client" initated connection throw the VPN is working fine, the DC initated connection does not work. VPN Tunnel is established without issues. Thanks in advance Christianįor testing purpose i have built up an rule which allows everything between the internal GW and the DC Checkpoint. So the main question: How can I avoid the dropping of the IP0 packets on Customer FW and make sure these packets where forwarded as configured in the Static NAT? I do not have the possibility of a dedicated public IP for this. (On DC-GW packtes are encrypted as expected.) - which is in fact not wrong the Customer-GW has of curse no matching SA for this VPN Connection. Management Traffic between DC and SOL is no problem - fetching policy and changes works like charm.Ĭustomer-GW is dropping all incomming IP0(0/0) packets because of missmatch in SA, when starting communication vom DC-GW. ![]() SOL-GW-IP - DC-IP - any - Customer IP - original Source - Dest - srv - trans Source - trans destĭC-IP - Customer IP - any - original - SOL-GW-IP I have a strange problem nobody seems to have a solution for.Ĭheckpoint GW 80.30 ("DC-GW") -> Internet ICMP -> DATACENTER PC is okĭATACENTER PC -> ICMP -> BRANCH PC is failing. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |