So the main question: How can I avoid the dropping of the IP0 packets on Customer FW and make sure these packets where forwarded as configured in the Static NAT? I do not have the possibility of a dedicated public IP for this. (On DC-GW packtes are encrypted as expected.) - which is in fact not wrong the Customer-GW has of curse no matching SA for this VPN Connection. Management Traffic between DC and SOL is no problem - fetching policy and changes works like charm.Ĭustomer-GW is dropping all incomming IP0(0/0) packets because of missmatch in SA, when starting communication vom DC-GW. SOL-GW-IP - DC-IP - any - Customer IP - original Source - Dest - srv - trans Source - trans destĭC-IP - Customer IP - any - original - SOL-GW-IP I have a strange problem nobody seems to have a solution for.Ĭheckpoint GW 80.30 ("DC-GW") -> Internet ICMP -> DATACENTER PC is okĭATACENTER PC -> ICMP -> BRANCH PC is failing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
September 2023
Categories |