IPSec Diffie Hellman group DH20 issues?
Options
Freshman Member
Hi,
I'm currently trying to establish a IPSec VPN tunnel with my USG Flex 500 (
V5.36(ABUJ.2)) to a Palo Alto firewall to a customer. The settings do match between us but the connection can't be established. The debugging from customer side indicates that the Palo Alto uses ID 20 but from my side it reports ID 12 which doesn't exist although ID 20 is configured. Are there any known issues with using newer DH groups like 20 or 21?
0
All Replies
-
Hi @triJRO ,
DH group 20 works in my lab test, can you send me IKE communication packets in PM.
We would like to check ISAKMP SA payload
0
Zyxel Employee
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 212 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 548 USG FLEX H Series
- 341 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 52 Wireless Ideas
- 6.9K Consumer Product
- 295 Service & License
- 468 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.7K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight
