Firewall-1

[FW-1] RDP messages

Subject: [FW-1] RDP messages
From: "Stefanov, Kiril" <kiril.stefanov AT BMO DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 19 Jan 2006 00:30:52 -0500

Hi everyone. Hope someone has come across this problem before.

I have three CP NGX single firewalls which are managed from the same
manager. All three firewalls have VPN tunnels to the same 6 gateways.
There are no VPN tunnel rules between the firewalls and we are using
traditional mode for all VPN connections. This configuration worked fine
for several years on 4.1, NG and R55. After the upgrade to NGX we
started seeing the following behavior: 

Randomly, instead of the normal key exchange to the appropriate gateway,
firewalls number 2 and 3 are sending an RDP request (RDP - CP FWZ key
negotiation reliable datagram protocol (UDP-259)) to firewall 1,
followed by an RDP request to the VPN gateway. Both requests got dropped on
the firewall as we don't have rules for this service. As a result of this,
the VPNs on firewalls 2 and 3 don't work until I install policy on them
or remove the firewall 1 VPN domain.

Any ideas what can possibly cause this strange behavior?

Thank you in advance

Kiril

