> > According to log, it looks like everything works well. > I can see VPN tunel is established in Edge web management and I can see that > traffic is encrypted and decrypted in SmartView Tracker. No errors. > > But VPN doesn't work I can't even receive ping reply. > Only ping from Fw-1 itself works.
2 things: - Go to the edge, Web portal, and use http://my.firewall/vpntopo.html to see if the Edge got the encryption domain Ok. - Also, from the central side, review that your encryption domain for your VPN-1 Gateway Object and your interoperable devices object are fine. Countless VPN problems are because of small mistakes on the VPN domain definition. - If you have the implied rule for ICMP-requests enabled (Policy-Global Properties-Implied Rules), then pings won't work. Either test your VPN with some other traffic (telnet to port TCP/139 of a Windows machine may work ;-), or disable the implied rule for ICMP-request (AND define manual firewall rules for such ICMP traffic if you really want to allow it) - and then try again... HTH. - Mart�n. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
