Creating IPSec VPN: Aborting connection after 3 attempts

Options
Hi,

I am trying to setup an IPSec VPN on our VPN300 (5.21). I used the wizard on the device to create an IKEv2 configuration and pulled the configuration to the Zywall IPSec VPN Client. I currently only use certificate as Authentication - I have created a self-signed certificate on the VPN300 for this purpose which I have imported into the configuration on the client. 
When I try to connect the client, the console displays: 

Reading configuration
IKEv1 configuration detected...
Default IKE daemon is removing SAs...
Default reinitializing daemon
No SSL configuration
TKEV2_RemoteAccess_Wiz configuration OK
TKEV2_RemoteAccess_Wiz_SEND_IKE_SA_INIT [HDR]... (this appears three time)
TKEV2_RemoteAccess_Wiz 3 attempts with no response. Aborting connection

I have tried with certificates for the IP4 address of the router and the DNS address (on both sides) - both did not change the outcome. Ports 500 and 4500 are open on the router in the Policy control WAN_to_Device rule. 

Does anybody have an idea what could be wrong here?

Thanks in advance and best wishes,
Jan

Accepted Solution

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,065  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Welcome to Zyxel forum community.
    What is your software version of Zyxel IPSec VPN client?
    Can you recreate the Remote VPN wizard again and see if it worked? (Please refer to this tutorial :).)
    If it still has problems, you can post the fail log screenshots on this discussion and provide your device configuration file to us via private message.

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,065  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Welcome to Zyxel forum community.
    What is your software version of Zyxel IPSec VPN client?
    Can you recreate the Remote VPN wizard again and see if it worked? (Please refer to this tutorial :).)
    If it still has problems, you can post the fail log screenshots on this discussion and provide your device configuration file to us via private message.

  • UIAdmins
    UIAdmins Posts: 2
    First Anniversary
    Options
    Hi Jeff,
    Thank you for quick reply - we followed the instructions and can now connect to the IPSec VPN using the ZyWall IPSec client. 

    Thanks and best wishes,
    Jan

Security Highlight