IPSec Diffie Hellman group DH20 issues?
Options
Freshman Member
Hi,
I'm currently trying to establish a IPSec VPN tunnel with my USG Flex 500 (
V5.36(ABUJ.2)) to a Palo Alto firewall to a customer. The settings do match between us but the connection can't be established. The debugging from customer side indicates that the Palo Alto uses ID 20 but from my side it reports ID 12 which doesn't exist although ID 20 is configured. Are there any known issues with using newer DH groups like 20 or 21?
0
All Replies
-
Hi @triJRO ,
DH group 20 works in my lab test, can you send me IKE communication packets in PM.
We would like to check ISAKMP SA payload
0
Zyxel Employee
Categories
- All Categories
- 438 Beta Program
- 2.7K Nebula
- 188 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 456 USG FLEX H Series
- 303 Security Ideas
- 1.6K Switch
- 81 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 279 Service & License
- 438 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 91 Security Highlight
