Support Center > Search Results > SecureKnowledge Details
Tunnel is up and ICMP packets are sent encrypted but no response received
Symptoms
  • VPN tunnel is up and ICMP packets are sent encrypted but no response received from the other site.
  • Nothing indicates the issue in logs and debugs.
Cause

The cause is super-netting enabled on Check Point device by default that other vendors cannot resolve properly.


Solution

To resolve the problem, disable the supper-netting on 600/700/1100/1400 locally managed appliance.

To do so,

  1. In Check Point WebUI, go to Device tab -> Advanced settings
  2. Clear the "Join adjacent subnets in IKEv1 quick mode" option.
  3. Re-establish the tunnel: connect to CLI, enter Expert mode and run:

    [Expert@Hostname]# vpn tu
    [Expert@Hostname]# 7

    Now enter IP address of the peer
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment