Hello everyone,
 
 I have some trouble when creating a SITE-TO-SITE connection between FORTIGATE 200B and a Checkpoint EDGE 
 device (it's a small appliance like SBOX, it is not an NG firewall).
 
 PLEASE NOTE: 
 The "outside" interface that I use is a VLAN interface which is assigned to the LAN interface on the FORTIGATE. 
 However this VLAN interface has a PUBLIC IP address and is accessible from the remote peer. 
 
 
 I have configured the connection on the FORTIGATE 200B as a route-based VPN (by using an IPSEC 
 interface in the phase1). 
 On the FORTIGATE lan site I created a LOOPBACK interface with an address of 10.10.10.10/32. On the 
 remote peer I have a class C subnet 192.168.10.0/24.
 The policies and the static route are created.
 
 After creating all that I simply initiated a PING command from the remote peer's LAN to the LOOPBACK interface
 and the tunnel came up (both phase 1 and 2). HOWEVER, there is no reply and after about 10 to 15 seconds 
 there is a message on the remote peer's log that 
 says: "Failed to establish VPN tunnel: invalid SPI x.x.x.x" 
 
 On the FORTIGATE debug output it says :
 
 :error processing quick-mode message from [EDGE ip address] as responder
 :no matching phase2 found
 
 The phase 2 exists on both peers and it matches exactly. However the FORTIGATE debug says otherwise.
 
 Does anyone have any ideas?
 
 Thanks