IPSec Diffie Hellman group DH20 issues?
Freshman Member
Hi,
I'm currently trying to establish a IPSec VPN tunnel with my USG Flex 500 (
V5.36(ABUJ.2)) to a Palo Alto firewall to a customer. The settings do match between us but the connection can't be established. The debugging from customer side indicates that the Palo Alto uses ID 20 but from my side it reports ID 12 which doesn't exist although ID 20 is configured. Are there any known issues with using newer DH groups like 20 or 21?
0
All Replies
-
Hi @triJRO ,
DH group 20 works in my lab test, can you send me IKE communication packets in PM.
We would like to check ISAKMP SA payload
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
