IPSec Diffie Hellman group DH20 issues?
Freshman Member
Hi,
I'm currently trying to establish a IPSec VPN tunnel with my USG Flex 500 (
V5.36(ABUJ.2)) to a Palo Alto firewall to a customer. The settings do match between us but the connection can't be established. The debugging from customer side indicates that the Palo Alto uses ID 20 but from my side it reports ID 12 which doesn't exist although ID 20 is configured. Are there any known issues with using newer DH groups like 20 or 21?
0
All Replies
-
Hi @triJRO ,
DH group 20 works in my lab test, can you send me IKE communication packets in PM.
We would like to check ISAKMP SA payload
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 152 Nebula Ideas
- 100 Nebula Status and Incidents
- 5.8K Security
- 287 USG FLEX H Series
- 278 Security Ideas
- 1.5K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 251 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 86 About Community
- 75 Security Highlight
