USG40: limits on IkeV2 gateways?

Options
mMontana
mMontana Posts: 1,428  Guru Member
Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers 1000 Comments
edited April 2021 in Security
I am using a full upgraded USG40 (ZLD 4.62). "Hub" site
10 IpSec tunnels configured:
7 site-to-site static IP (3 on the same gateway, IkeV2)
1 site-to-site roaming IP (IkeV1)
1 for L2TP
1 for IPSec Roaming users.
Now gateways:
4 are IkeV1, working quite correctly.
2 are IkeV2, working perfectly
2 are for roaming users, IPSec IkeV1, L2TP IkeV1.
Now

One one of the 4 IkeV1 is Ike V2 capable (another USG40 latest firmware). Sometimes VPN goes down, but not the matter right now...
I was going to create another IkeV2 gateway, then switch it for the tunnel on both side.
At the spoke site, no problem. Only IkeV1 gateways, only 2 tunnels, I could switch tunnel between IkeV1 and IkeV2 gateway.

But not on the Hub, which shows only 2 of the 3 configured IkeV2 Gateways.
Currently not able to reboot any of the system, any help appreciated.

Accepted Solution

  • mMontana
    mMontana Posts: 1,428  Guru Member
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers 1000 Comments
    Answer ✓
    My bad. Tunnel was setup in a wrong way (not site-to-site with static peer) so the gateway was not correct for the setup. After edit the wrong setting, IkeV2 Gateway appeared as expecte.d

All Replies

  • mMontana
    mMontana Posts: 1,428  Guru Member
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers 1000 Comments
    Answer ✓
    My bad. Tunnel was setup in a wrong way (not site-to-site with static peer) so the gateway was not correct for the setup. After edit the wrong setting, IkeV2 Gateway appeared as expecte.d

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)