IKE VPN Certificate renewal on a USG 210

Hi,

Hopefully someone can help with this.

I have an IKEv2 remote access VPN setup using a certificate created using the Zyxel. It works fine at the moment but when I replace the certificate it stopped working.

I created a new certificate using the Zyxel with the same settings as the previous one. Added it to my computers Trusted Certificates. I then change to the new certificate in the IKE VPNs gateway settings. it then fails to authenticate.

have I missed something? I haven't been able to reboot the Zyxel, will it only set after a reboot?

Thanks


David

All Replies

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,376  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @DaviD42,

    Which IKEv2 client are you using? Zyxel IPSec VPN client or native Windows client?

  • Native Windows.

    Thanks

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,376  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @DaviD42,

    In the VPN gateway, select the new created certificate.

    Export the certificate without password and import it to the laptop.

  • Thanks,

    Thats what I tried. Exported no password, imported to Trusted Certificates in windows. changed the certificate in the VPN Gateway.

    But it then stops working. If i change the certificate back it works fine again.

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,376  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @DaviD42,

    Please send the remote access information of your USG210 to me in private message. I'll check the configuration and establish IKEv2 to your USG210 to check the symptom. Thanks!

Security Highlight