The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Security Gateway accepts another Diffie-Hellman group then what is configured
R77.30, R80.10, R80.20, R80.30
When the VPN peer is initiating IKE negotiation with Security Gateway, and is sending another Diffie-Hellman group then what is configured in the VPN community, the Security Gateway accepts it, and later the VPN traffic is dropped.
Packets are dropped on proposal unmatched, although the VPN tunnel is established.
Configuration mismatch - Perfect Forward Secrecy was configured on the Security Gateway, but not on the VPN peer.