Where is the "Nail-UP" or "Keep Alive" or "Dead Peer Detection" ?
I cannot maintain a VPN connection. The VPN connects once, then fails after a minute or two, then never reconnects back unless I manually uncheck, save, recheck the connection to force initial connect. Need it nailed up!
I tried with, and without the 1-1 nat policy applied. Same results.
2022-11-11 14:59:00 VPN 71.1.1.111 205.111.1.2 [Policy: ipv4(10.111.150.0-10.111.150.255)-ipv4(205.111.1.0-205.111.1.255)]
I tried with, and without the 1-1 nat policy applied. Same results.
2022-11-11 14:59:00 VPN 71.1.1.111 205.111.1.2 [Policy: ipv4(10.111.150.0-10.111.150.255)-ipv4(205.111.1.0-205.111.1.255)]
2022-11-11 15:00:23 VPN 71.1.1.111 205.111.1.2 Peer not reachable
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 The cookie pair is : 0x6450fcdf1f27d9f4 / 0x0000000000000000
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID]
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 ISAKMP SA [SA_HP4] is disconnected
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 Send:[HASH][DEL]
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 DPD: The remote address of [SA_HP4:SA_HP4] has been no response.
2022-11-11 15:00:23VPN71.1.1.111 205.111.1.2 Tunnel [SA_HP4] Sending IKE request
2022-11-11 15:00:02VPN71.1.1.111 205.111.1.2 Send:[HASH][NOTIFY:R_U_THERE]
2022-11-11 15:00:01System Monitoring CPU temperature: 67 degrees Celsius.
2022-11-11 14:59:41VPN71.1.1.111 205.111.1.2 Send:[HASH][NOTIFY:R_U_THERE]
2022-11-11 14:59:41VPN71.1.1.111 205.111.1.2 Send:[HASH][NOTIFY:R_U_THERE]
2022-11-11 14:59:30VPN71.1.1.111 205.111.1.2 Send:[HASH][NOTIFY:R_U_THERE]
2022-11-11 14:59:30VPN71.1.1.111 205.111.1.2 Send:[HASH][NOTIFY:R_U_THERE] [count=3]
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2 Phase 1 IKE SA process done
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2[ESP 3des-cbc|hmac-sha1-96][SPI 0x4938f05a|0x9db0d912][Lifetime 26400]
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2 [Policy: ipv4(10.239.150.0-10.239.150.255)-ipv4(205.111.1.0-205.111.1.255)]
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2 Send:[HASH][SA][NONCE][ID][ID]
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2 Tunnel [SA_HP4:SA_HP4:0x9db0d912] built successfully
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2 Send:[HASH]
2022-11-11 14:59:00VPN205.111.1.271.1.1.111 Recv:[HASH][SA][NONCE][ID][ID]
2022-11-11 14:59:00VPN71.1.1.111 205.111.1.2[Initiator:71.1.1.111][Responder:205.111.1.2]
0
Accepted Solution
-
DPD is enable by default in Nebula. so you cannot see the options in Nebula.0
All Replies
-
Into VPN connection.
1 -
0
-
DPD is enable by default in Nebula. so you cannot see the options in Nebula.0
-
But the IPSecVPN does not work with Nebula. Evidently the Nail-Up option is missing. I removed from Nebula and factory-defaulted to on-premise mode and had it set up and working in under 30 minutes. I spent close to 20 hours tinkering with Nebula with no success. In my humble opnion, Nebula is not ready for prime time until the missing controls can be overcome with SSH or Local access to fill in the missing features. Another negative experience is trying to work with the LOG. Search doesn't refresh, it has to be refreshed manually and each time it takes 15-20 seconds, only to have to refresh again in every few minutes. On premise logs are instant. I won't consider Nebula for firewalls for at least another year. Its okay to manage AP's, but that's about it.0
-
Dear Zyxel team, could you update the Dead Peer Detection (DPD) feature in the Nebula cloud, I need this feature, thanks.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight