There's "FW Monitor SuperTool" which makes things easier, and also disables SecureXL if necessary. Please see this awesome post on the syntax (should be " in places where he has used ', just be wary of that). Remember disabling SecureXL before scanning though, as packet acceleration will hide most of the packets. I also recommend using fw monitor instead of tcp dump unless needed. Make sure you have the IP of your NordLayer dedicated server.Add a shared secret that contains at least 20 characters.Set VPN Tunnel Sharing to One VPN. If you see the traffic, but it is not being encrypted in the community, then you'll have to verify that the VPN Domains in the community is correct, so the firewall knows to encrypt it into the tunnel. You say the site-to-site tunnel is working?Įasiest way is just to check your normal logs, and see if the traffic you are looking for is being encrypted in the VPN community. If it doesnt, review the system log messages to. In the output, check whether the Security Association displays. At first glance, this looks like you are running into the known collision between. Perform this task to test VPN connectivity. Up Init means that it is trying to establish the tunnel, and will probably mean that in a few seconds the tunnel will go to DOWN state or UP state. I am not understanding the exact issue here. You definitely want to consider calling TAC to verify your configuration. Open the SmartView Monitor and go to Tunnels on Gateway: First select GWA in the list and review if the tunnel in question is UP, DOWN or Up Init.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |