Sunday, July 5, 2020

Need help with VPN setup between Cisco ASA and Check Point firewalls

Hello Guys,

https://imgur.com/a/N5qWuc0

So I have this lab setup on GNS3 (select the link above for all pics) and I cannot figure out for the life of me why I cannot set up a working tunnel between the Check Point and the ASA. The message I get on the ASA is "received encrypted packet with no matching sa dropping", so I assumed that it could be a network encryption domain issue. I checked the networks defined on both sides and they are all perfectly defined. I do know about the issue of Check Points supernetting networks, but I literally have only 1 network defined in the encryption domain of the Check Point (I've also tried defining multiple networks for the encryption domain of the Check Point but it still doesn't work; also, I know for a fact that supernetting is disabled on the Check Point, as I've confirmed that myself).

The confusing thing is that when I set up the VPN for the first time it was working instantly: the tunnel was up and I could see the up tunnel on both the Check Point and the ASA. But then I decided to make some modifications, like including more networks to be encrypted, changing the encryption parameters, etc., but it didn't work. So I thought I'll make it simple like I did the first time when it worked, but to my surprise it never worked again no matter what I did. It just doesn't work, period! Maybe I'm doing something wrong which one of the people in this community will be able to help me with by looking at the pics. Also, if you want me to, I can post the running configs of both firewalls if necessary.

Also, on the topology pic, the firewalls being talked about are Gtwy-1 (on the leftmost part) and the CiscoASA at the bottom right (which is inside the orange oval).

This is the video I followed as a guide:

https://www.youtube.com/watch?v=CLgPEz7fULw&list=PLiCIRBalj7NZFDkyO0bFcJAuj0_WsYMMI&index=5&t=0s

Please help!!


