IKEv2 Remote Access and Site to Site VPN
Hi.
I have a problem with the VPN as in the subject. I have a site-to-site tunnel set up between atp200 and atp500. I would also like to run a VPN for our employees based on IKEv2. I have VPN-Gateway and VPN-Connection (all IKEv2) configured for the site-to-site tunnel and this works fine. I have also created VPN-Gatway and VPN-Connection IKEv2 and selected Server Mode. When I try to connect, I go through Gateway but it doesn't want to set up a tunnel anymore. If I disable the site-to-site tunnel then it will work. Site-to-Site ikev2 with key on wan1 from one ISP, Server mode with certificate on wan2 from second ISP.
Have any of you had this problem?
Accepted Solution
-
Hello @Rad3k,
Welcome to Zyxel Community!
What do you mean by "I go through Gateway but it doesn't want to set up a tunnel anymore"? is it connect fails? If so, could you check if the logs show anything?
As for "If I disable the site-to-site tunnel then it will work", I suspect that there is subnet conflict, could you check on this?
Did you create IKEv2 Remote VPN via Quick Setup Wizard?
James
0
All Replies
-
Hello @Rad3k,
Welcome to Zyxel Community!
What do you mean by "I go through Gateway but it doesn't want to set up a tunnel anymore"? is it connect fails? If so, could you check if the logs show anything?
As for "If I disable the site-to-site tunnel then it will work", I suspect that there is subnet conflict, could you check on this?
Did you create IKEv2 Remote VPN via Quick Setup Wizard?
James
0 -
Hi James
I created IKEv2 Remote VPN manually according to the tutorial I found on the zyxel website.
When trying to connect to a VPN from a computer with Windows 10 Professional installed, I get the following information:
Connecting with ...Verifying your login informationThe context has expired and can no longer be used.
The logs only show me the following information:
Security Policy Control priority:1, from ANY to ZyWALL, UDP, service IPSEC_ISAKMP_L2TP, ACCEPT 31.0.47.223:10697 188.147.129.214:4500 ACCESS FORWARD
Security Policy Control priority:1, from ANY to ZyWALL, UDP, service IPSEC_ISAKMP_L2TP, ACCEPT 31.0.47.223:10697 188.147.129.214:500 ACCESS FORWARD
I also checked for subnet conflicts and I don't see any.
0
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight