Web Publisher Security » cisco http://www.publishersecurity.com Information security blog to help web publishers stay protected Fri, 22 May 2009 10:51:42 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 VPN Phase 1 fails – Checkpoint to Cisco http://www.publishersecurity.com/vpn-phase-1-fails-checkpoint-to-cisco http://www.publishersecurity.com/vpn-phase-1-fails-checkpoint-to-cisco#comments Mon, 12 May 2008 15:19:41 +0000 devnull http://www.publishersecurity.com/?p=17 I recently encountered a problem setting up a VPN tunnel between a Cisco router and a Checkpoint firewall.

From the firewall side, i could see an IKE packet going out, and nothing coming back.

On the Router side, there was a reply to the IKE, but an error logged:

“Duplicate Phase 1 packet detected.  Retransmitting lastpacket.”

Now this error should appear if the reply is discarded on the firewall side, and it tries to re-send the initial IKE packet.

Nothing indicated it in the firewall log.

What solved it was enabling Aggressive Mode on the firewall side.

I didnt have the time to go over and see why this helped, but it did the trick, so i moved on.

Another thing, and this is more of a reminder for me, the command for tunnel handling on checkpoint, is “vpn tu”. There you can see all the tunnels, and delete them.

If you know what caused this, please share :D

Update – here is why

]]> http://www.publishersecurity.com/vpn-phase-1-fails-checkpoint-to-cisco/feed 1