IPSec Diffie Hellman group DH20 issues?
Options
Freshman Member
Hi,
I'm currently trying to establish a IPSec VPN tunnel with my USG Flex 500 (
V5.36(ABUJ.2)) to a Palo Alto firewall to a customer. The settings do match between us but the connection can't be established. The debugging from customer side indicates that the Palo Alto uses ID 20 but from my side it reports ID 12 which doesn't exist although ID 20 is configured. Are there any known issues with using newer DH groups like 20 or 21?
0
All Replies
-
Hi @triJRO ,
DH group 20 works in my lab test, can you send me IKE communication packets in PM.
We would like to check ISAKMP SA payload
0
Zyxel Employee
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 87 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 916 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 913 Nebula FAQ
- 421 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
