<div dir="ltr">Hi List,<div><br></div><div>Trying to connect from my amazon instance to checkpoint located outside of amazon, but no success:</div><div><br></div><div><p style="margin:0px;font-size:11px;font-family:Menlo">000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000  </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer": <a href="http://54.77.134.140/32===172.31.27.63[54.77.134.140,+S=C]---172.31.16.1...91.221.238.39">54.77.134.140/32===172.31.27.63[54.77.134.140,+S=C]---172.31.16.1...91.221.238.39</a><91.221.238.39>[+S=C]===<a href="http://91.221.239.6/32">91.221.239.6/32</a>; prospective erouted; eroute owner: #0</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":     myip=54.77.134.140; hisip=unset;</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   ike_life: 86400s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; nat_keepalive: yes </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   policy: PSK+ENCRYPT+TUNNEL+PFS+UP+lKOD+rKOD; prio: 32,32; interface: eth0; </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   newest ISAKMP SA: #1; newest IPsec SA: #0; </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   IKE algorithms wanted: AES_CBC(7)_256-SHA1(2)_000-MODP1024(2); flags=-strict</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   IKE algorithms found:  AES_CBC(7)_256-SHA1(2)_160-MODP1024(2)</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 "customer":   IKE algorithm newest: AES_CBC_256-SHA1-MODP1024</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000  </p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 #5: "customer":500 STATE_QUICK_I1 (sent QI1, expecting QR1); EVENT_RETRANSMIT in 7s; nodpd; idle; import:admin initiate</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">000 #1: "customer":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 85174s; newest ISAKMP; nodpd; idle; import:admin initiate</p></div><div><br></div><div>any clues? big thanks.</div><div><br></div><div>--</div><div>Eero</div></div>