Messages - ian.bugeja

#1
Spent hours looking at the capture and couldn't figure out anything. It seems that no data is received and it's being dropped for some weird reason.
#2
General Discussion / Re: VPN IPsec issues
August 20, 2022, 09:28:44 AM
Any pointers what you did to establish connection to the checkpoint VPN please? I can't seem to arrive at that stage.

Connection succeeds but no data is received so it drops seconds later.
#3
I have the same issue. I have spent hours trying to fix this but cannot figure out what's going on.

What I can say is that the firewall sends traffic but sees nothing coming back.
#4
Thanks, yes already had a look and did one again. Performed both on WAN and the internal interface and I can see the exact same packets, so I think I can exclude the Firewall Rules.


On the Checkpoint client side I see the logs, which indicate that it's connecting (port 443) but then fails to establish the tunnel.

[6 Mar  0:28:32] Policy changed, restarting connection (2)
[6 Mar  0:28:32] Sent ClientHello
[6 Mar  0:28:34] upgarde is not configured on the site
[6 Mar  0:28:34] Starting new connection (2)
[6 Mar  0:28:35] Topology download in progress
[6 Mar  0:28:35] upgarde is not configured on the site
[6 Mar  0:28:35] firewall policy desktop_policy connected enforced successfully
[6 Mar  0:28:35] Office mode IP was set successfully
[6 Mar  0:28:37] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18001.
[6 Mar  0:28:38] OM started successfully with IP = 192.168.170.86.
[6 Mar  0:28:38] Client state is connecting
[6 Mar  0:28:38] Connection was successfully established (2)
[6 Mar  0:28:39] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18002.
[6 Mar  0:28:41] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18003.
[6 Mar  0:28:43] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18004.
[6 Mar  0:28:45] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18005.
[6 Mar  0:28:47] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18006.
[6 Mar  0:28:49] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18007.
[6 Mar  0:28:51] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18008.
[6 Mar  0:28:53] No reply from the gw ip=10.0.9.2 for tunnel test packet. Office Mode IP=192.168.170.86, source port=18009.
[6 Mar  0:28:55] IKE tunnel disconnected, error code=-1000. Reason: Site is not responding.
[6 Mar  0:28:55] Client state is connected
[6 Mar  0:28:55] Tunnel (2) disconnected. State is connected. Trying to reconnect.
#5
Have a weird issue which has been troubling me for months...

I have a PC on the LAN connecting to a VPN (checkpoint) via the Windows Checkpoint app. The connection establishes but immediately drops. Cannot explain why.

The system is quite straightforward. Simple WAN and LAN with NAT. Cannot even see the dropped/deny connection attempts in the firewall view.

Any pointers would help

OPNsense is latest version
#6
I have a pretty standard setup with NAT and IPv4. We have a client PC connecting to a Checkpoint VPN (IPsec) through the OPNsense firewall. (This is not the OPNsense VPN, just a normal connection from the firewall's end.) For some reason the connection succeeds but the VPN client receives no data, hence the connection then drops after a couple of seconds.

Any pointers where I can look please? I tried looking at the logs but cannot see any packets coming from the source.