Zywall usg50 Site to site dropping packages?

MagnusBorgen

hi, setup is as follow:
at server-room site nr1 there is a usg50 with a site to site ipsec vpn  in server-mode.
there are three other sites with Edge-router poe5, all with different ip-ranges connected to the same VPN, and traffic is working. We can altso access system through ports that we have specified in fw. 
BUT when i try to connect a Cisco RV206P to the same vpn we cannot access the server on port 8081:

error - ipsec -  SPI: 0x0 (0) SEQ: 0x0 (0) No rule found, Dropping TCP packet

- 93.124.xxx.xxx:8082 - 77.16.xx.xxx:25955 - ipsec

If i disconnect the cisco traffic goes as normal again and all is working. 

Suggestions?
I am unsure why the destination is 25955... 

Alfonso

Hi @MagnusBorgen

It is difficult to imagine your architecture without a graphical draw.
I am not sure where the Cisco is connected, and where are the unreachable servers.

You specify port 8081, but the logs show port 8082,  ...

I am sure that I and other users want to help you, but we need a bit more information. 

Regards

Zyxel_Emily

Hi @MagnusBorgen,

 

As Alfonso said, please share the topology with us and how USG50, Cisco RV206P and other devices (server) are placed in the site to site VPN scenario.

If possible, send the configuration file of USG50 to me via private message and indicate which rule in VPN connection is unstable.