IPsec VPN Fortigate 310B - checkpoint R76. Tunnel established but no traffic

Posted on 2013-09-25
Medium Priority
Last Modified: 2013-09-26

Set up an IPsec VPN tunnel between our site, and a remote site.
We are using the Fortigate 310B and the other uses a Checkpoint R76.

Let's just name them:
CompanyA - Fortigate 310B, our site
CompanyB - Checkpoint R76, remote site

The VPN tunnel establishes ok, but no traffic is being sent through the tunnel, triple checked our settings and everything seems to be exactly the same.

Are there any pitfalls connecting fortigate to chekpoint or special considerations, as I can't see where the error is and what is causing it. Could really use some help on this one.

CompanyA Config
Set up the following:
Phase1, interface mode
Static Route
Policy which allows traffic

Phase 2
Static Route
Device: VPN Tunnel
Distance: 10

CompanyA LAN -> CompanyB LAN
Service ANY

CompanyB Config
Here is what I got from CompayB.
The rest of the settings not showed in the pictures is correct.

VPN config

Question by:Lenblock
1 Comment

Accepted Solution

Lenblock earned 0 total points
ID: 39524394
The solution was found.

CompanyB checked their settings and discovered that traffic towards CompanyA LAN was not routed through the tunnel.
CompanyB changed their routing and pointed the traffic correctly, and now it works like a charm.

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question