Hi,
We are experiencing problems with one (out of 15) of our VPN tunnels. When the
other side tries to open more then one session, not tunnels, i.e. start a
second ping to a second host, the tunnel crumbles...the performance breaks
down, and I see in my FW-1 log the following message :"IKE: Quick Mode Received
Notification from Peer: invalid spi"
We have a FW-1 R54 HFA-417 Cluster XL in HA Unicast mode the other side is a
Cisco VPN concentrator. When I do cphastop on one (out of 2) cluster nodes
everything seems to work fine...;-(
I tried to set the stickyniss of the cluster to IP's & ports which did not help
also setting to IP's didn't help.
Anybody any idea's?
Dion
-----------------------------------------------------------------------
Dion-ben Hendriks, Netwerkspecialist
UMC St Radboud
Staf Informatievoorziening - ICT in balans
<http://www.umcn.nl/overhetumc/afdelingen/staf_informatievoorziening>
UMC St Radboud / UMC Nijmegen
Route 37 Stafdienst Informatievoorziening
Postbus 9101
6500 HB Nijmegen, The Netherlands
Tel:(+31)/(0) 24 36 19330
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
