Hi all, I have a problem with an IPSEC VPN. This is my situation: I have two sites that I want to connect via IPSEC VPN. On one site I have my monowall behind an ISP router, and on the other side I have a Checkpoint soho@office 500w with a public IP configured DIRECTLY on the WAN interface (see the little schema below).
monowall LAN (192.168.196.254) -> monowall WAN (192.168.1.2) -> router LAN (192.168.1.1) -> router wan STATIC IP (87.30.xx.xx)
---------INTERNET ---------------
Checkpoint soho@office 500w (203.2.xx.xx)
All the IPSEC VPN parameters are the same on both sides. Phase 1 and Phase 2 are configured with EXACTLY the same parameters. This morning I tried to establish the tunnel and everything was fine, but after the first renewal, Phase 1 was OK and Phase 2 failed. I restarted the tunnel and all was OK; after a little while, Phase 1 OK, Phase 2 KO. Is it possible that the ISP router introduces some problems due to NAT settings? Or is it a problem related to the Monowall system? I've found a lot of messages in the log like "no policy found" or "failed to get proposal for responder"...
I don't know what happened, but now on the Checkpoint (located at the other site), I see this message: "Failed to establish VPN tunnel with 87.30.xx.xxx: no response from peer."
Please help me to solve this issue, it's so urgent. Thanks for your support.