IKEv2 Remote Access and Site to Site VPN
Hi.
I have a problem with the VPN as in the subject. I have a site-to-site tunnel set up between atp200 and atp500. I would also like to run a VPN for our employees based on IKEv2. I have VPN-Gateway and VPN-Connection (all IKEv2) configured for the site-to-site tunnel and this works fine. I have also created VPN-Gatway and VPN-Connection IKEv2 and selected Server Mode. When I try to connect, I go through Gateway but it doesn't want to set up a tunnel anymore. If I disable the site-to-site tunnel then it will work. Site-to-Site ikev2 with key on wan1 from one ISP, Server mode with certificate on wan2 from second ISP.
Have any of you had this problem?
Accepted Solution
-
Hello @Rad3k,
Welcome to Zyxel Community!
What do you mean by "I go through Gateway but it doesn't want to set up a tunnel anymore"? is it connect fails? If so, could you check if the logs show anything?
As for "If I disable the site-to-site tunnel then it will work", I suspect that there is subnet conflict, could you check on this?
Did you create IKEv2 Remote VPN via Quick Setup Wizard?
James
0
Zyxel Employee
All Replies
-
Hello @Rad3k,
Welcome to Zyxel Community!
What do you mean by "I go through Gateway but it doesn't want to set up a tunnel anymore"? is it connect fails? If so, could you check if the logs show anything?
As for "If I disable the site-to-site tunnel then it will work", I suspect that there is subnet conflict, could you check on this?
Did you create IKEv2 Remote VPN via Quick Setup Wizard?
James
0 -
Hi James
I created IKEv2 Remote VPN manually according to the tutorial I found on the zyxel website.
When trying to connect to a VPN from a computer with Windows 10 Professional installed, I get the following information:
Connecting with ...Verifying your login informationThe context has expired and can no longer be used.
The logs only show me the following information:
Security Policy Control priority:1, from ANY to ZyWALL, UDP, service IPSEC_ISAKMP_L2TP, ACCEPT 31.0.47.223:10697 188.147.129.214:4500 ACCESS FORWARD
Security Policy Control priority:1, from ANY to ZyWALL, UDP, service IPSEC_ISAKMP_L2TP, ACCEPT 31.0.47.223:10697 188.147.129.214:500 ACCESS FORWARD
I also checked for subnet conflicts and I don't see any.
0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight
