Thnsk to all for the answers, i´ll implement all the suggetions.
Miguel --- On Fri, 6/13/08, Juraj Sakala <[EMAIL PROTECTED]> wrote: > From: Juraj Sakala <[EMAIL PROTECTED]> > Subject: Re: [FW-1] Checkpoint R62 vs CiscoASA 5505 > To: [email protected] > Date: Friday, June 13, 2008, 8:28 AM > Hi, > > I have had same problem. I implemented simplified mode > VPN > configuration with peer ASA 5520 (and Sidewinder). Tunnel > was unstable > and always goes down. Then I changed policy to traditional > mode > configuration and all problems was solved. > In simplified mode CheckPoint gw tests tunnel with > tunnel_test protocol. > This is not supported on ASA and maybe this is cause of > problems and > unstale tunnel. Use traditional mode and all will be > working. > > Juraj > > Miguel Hernandez y Lopez wrote: > > Hi all, > > > > One of my customer have a VPN with Checkpoint R62 and > CiscoASA, phase 1 and 2 negotiation are ok... the tunnel > established fine with no errors... but after several > minutes the tunnel go down. The odd thing is that in > Checkpoint side i don´t see any drop packets... in the > Cisco side the same. > > > > The traffic is passing through the tunnel is emulation > 3270 from ibm. The solution when the tunnel goes down, is > disabling the rule from Checkpoint.. pushing the rules to > the fw and the enabling again the rule. > > > > The people who manage the Cisco ASA disable the PFS > and i´ve disable in the Checkpoint node too... but the > problem persists, with the PFS disable on both sides the > tunnel is up at leats 2 minutes and then goes down. > > > > Any ideas for this? > > > > thanks in advance, > > > > Miguel > > > > Scanned by Check Point Total Security Gateway. > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > > > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
