

Running a debug on IKE and viewing the ikemgr log, I see the errors below on the PA firewall: 'IKEv2 IKE SA negotiation is failed as responder.' 'IKEv2 certificate authentication failed.' When I am trying to establish the VPN tunnel with Checkpoint being the initiator, I see the logs below on the Monitor tab. The PA and Checkpoint firewall certificates are signed by the same CA, so the Root CA is present on both firewalls to build the chain.

While the logs below are from a lab setup, the actual client problem is the same. Settings are configured to use IKEv2 only, with certificate-based authentication.

Hello Folks, I am trying to build a site-to-site VPN between a Palo Alto firewall running 8.1.7 and a Checkpoint firewall.
