IPSEC VPN - Remote Access VPN stopped working

networx
networx Posts: 9  Freshman Member
First Comment Fourth Anniversary

Dear,

i can't figure out what is wrong.

We setup the Zyxel Remote Access VPN. This was working for a few weeks and now we receive the error "The remote connection was denied because the username and password combination you provided is not recognized, or the selected authenticationprotocol it not premitted on the remote access server".

In the client log i see:

CoId={2B7A7503-3FD7-0003-B371-822BD73FDA01}: The user xxxxx dialed a connection named xxxx which has failed. The error code returned on failure is 691.

In the firewall log i see "generating IKE_AUTH response 2 [ EAP/FAIL ]"

I know the username and password is correct. I created a test user just to be sure and the same error.

I attached screenshots of the whole configuration.

We use the Windows buildin VPN client with the custom certificate.

Please advice

All Replies

  • networx
    networx Posts: 9  Freshman Member
    First Comment Fourth Anniversary

    We created the vpn users locally on the Zyxel firewall.

    USG FLEX 500H

    V1.10(ABZH.1)

  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited January 7

    Set certificate for VPN validation to auto disable/enable VPN download the script and see if that works

    is the certificate you made by IP or domain?

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,206  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @networx

    Not sure if it is related to the selected certificate or other issues. Could you provide remote Web-GUI access for further investigation? We will send a private message to you later; please check your inbox. Thanks.


    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • networx
    networx Posts: 9  Freshman Member
    First Comment Fourth Anniversary

    Hi Peter, Hi Jeff,

    Sorry for the delay in reponse. The vpn connection worked again after rebooting the firewall. Let's hope this is a one time issue.

    We generated a certificate using the firewall with the fqdn adres of the client.

    Thank you for the response. At the moment the ticket was completed by rebooting.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,206  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @networx

    OK, noted. Many thanks for your update.


    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L