You may also want to use a packet sniffer (e.g., tcpdump, snoop, fw monitor) to verify that packets are reaching the gateway. Rules to permit IKE and ESP to the firewall Sometimes you may need to put explicit rules in the firewall permitting this traffic. IP protocols 50 and 51 (for any IPSec-related scheme)Īlso, you should make sure that NAT is not being performed on any of the packets. If there are any filtering routers along the way, make sure they permit the following protocols: 11.13 General Troubleshooting Guidelines for VPN ProblemsĮnsure that the appropriate kinds of traffic are being permitted between the two endpoints. Note that any error messages you see in the SmartView Tracker/Log Viewer are documented in the Check Point manuals. The following is a list of common problems and resolutions that relate to establishing a VPN.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |