Netgate Discussion Forum

    IPsec VPN with Checkpoint routing problems

    • gajimenez

      I have set up two VPNs: one between a machine running pfSense 2.3.3.p1 (on AWS) and a firewall running Checkpoint R65, and the other between an appliance with pfSense 2.3.3.p1 and the same Checkpoint. Both VPNs are set up correctly and we can see that the status is UP, but our problem occurs with pfSense in AWS because the communication is only working one way. I can only get traffic coming from pfSense and going through Checkpoint. When the Checkpoint originates the traffic (ping or telnet), it is not possible to see packets on the interface (ipsec) or logs in pfSense; nevertheless, when the traffic originates from pfSense, communication works in both ways for a short time.

      On the other hand, the VPN set up with pfSense on the appliance doesn't have the problem and works in both ways.

      • gajimenez

        The problem only happens with Checkpoint and pfSense on AWS; we have established VPNs with other third parties such as Juniper, Fortigate, Palo Alto and Cisco ASA, and those VPNs work without problems, with traffic flowing in both ways.

        On the Checkpoint side we see that the traffic is sent through the tunnel, but in pfSense it is not possible to see these packets.

        • purplexss

          Hello,

          We have the same problem here.

          We used to have an IPsec tunnel between pfSense and Checkpoint, and two weeks ago, for no obvious reason (like a configuration change or updates), the tunnel seems to have become unable to deliver traffic from Checkpoint to pfSense.

          I will attach log files as soon as possible.

          • gajimenez

            The only way I have been able to fix the problem is with a script that pings every minute from the pfSense LAN to the Checkpoint LAN.

            • nerdceo

              I have a similar issue. We successfully did Phase 1 and Phase 2 from pfSense (our side) to Checkpoint (partner side). However, when we run and ping in telnet, it keeps coming up with permission denied.

              Has anyone here had this issue? The public IP to public IP is working fine, but the LAN to LAN just isn't connecting.

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.