pkc_mls a écrit :
Hi,
I'd like to use a route based vpn between a vpn1 edge and a splat
cluster.
hi and happy new year all.
for those who are still interested with this config, its quite working,
except for a weird issue :
when the site to site vpn that uses the vti on the vpn1edge is active,
the igmp packets from the vpn1 edge are dropped,
even if there is a rule in the policy to allow those.
the smartview tracker says : ip spoofed.
the interfaces are set as external or antispoofing not defined on the
smartdashboard.
and as soon as I disable the route based vpn, the IGMP packets are sent
properly, so the ospf works fine again and the routes are properly learned.
has anyone ever opened a ticket by checkpoint about vpn1 edge issues ?
I sent a mail to sofaware support, they answered with a link to a doc,
and a quick message :
" for other debug, ask checkpoint ...".
___________________________________________________________________________
Yahoo! Mail réinvente le mail ! Découvrez le nouveau Yahoo! Mail et son interface révolutionnaire.
http://fr.mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
