Gateway confusion between two IPSec Gateways
Options
All Replies
-
Up.
Tunnel survived to a firewall (spoke) reboot, however still have to understand if it will work after a public ip change.0 -
Any news on this topic?
Seemingly I have the same issue.
- Win10 IKEv2 Cert tries to connect – to an IP that will just answer to this one gateway. On the 2nd WAN.
- Cert is signed on the IP (static)
- Gateway is listening to the IP and LocalID is set to the IP
- Setting a PeerID on Windows is not supported as far as I know?
- I get a proposal mismatch, since it seems to try ANY of the gateways, but NOT the one I am targeting.
Why would Gateway X answer a call to Gateway Y on a totally different WAN, IP and LocalID?
I need to have Apple, site-2-site (both working well) and now also Win10/11 running – PCs being the minority here.
0 -
Yeah seemingly there is more to my problems and the gateway confusion is just one symptom.
But I am telling it as it was: Connect to WAN1 - get a response/error from a gateway on WAN2.
0 -
I changed the negotiation parameters for the specific site-to-site tunnel. Then the IKEv1 tunnel from client worked without issues.
0
Guru Member
Master Member
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
