[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] bouncing IKE tunnel
Hi all, we have three offices using FW1 4.1 sp2 using IKE to tunnel back and forth to each other. It's been working great for months. I've just added a fourth in Atlanta, but the tunnel has been bouncing up and down; running for awhile then quitting. The first time it came back by itself, but after that it's taken a cycle of the FW1 service to get it working again. Nothing unusual in the NT event logs, and the FW logs show a 'no response from peer. Scheme: IKE' message. It seems to work for less time each time we do this; the first time it ran for a couple of days, the last time it only worked for a half hour or so. I have all the machines getting time updates from ntp servers, all the IKE parameters are exactly the same in the VPN props of each FW... Checkpoint suggested rewriting the rules in the rulebase and adding a rule at the top of the list saying 'all encyrption domains' - 'all encryption domains' - ISAKMP - accept, but I'm a little skeptical... Anyone seen anything similar or got any ideas? Thanks, Ian ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|