Cannot connect VPN IKEv2 to usg 100
Freshman Member
I have configurate a IKEv2 VPN connection but each time i cannot connect and i saw this error message in the log
1 | 2024-10-17 07:55:12 | warn | ADP | Rule_id:1 from WAN to Any, [type:UDP-Decoder(74)] oversize-len Action:Drop Packet [count=3] |
|---|---|---|---|---|
V5.39(ABUH.0) / 2024-08-22 06:21:11
Can you help me ?
Best regards
All Replies
-
Hi @Franz94370,
This is more likely due to the other side of the IKEv2 VPN sending over-size-length packets. What is the device that connects to USG FLEX 100? If it is site-to-site VPN, are the VPN configurations on both the routers/firewalls the same? (MSS)
In addition, if this device is trusted, you can set the ADP allow list to bypass the traffic. The rules below screenshot an example, you might need to adjust to fit your network.
Hope it helps.
Zyxel Melen0 -
Thank you for your answer.
I tried to create the rules but cannot connect.
Configuration is VPN Client to site.
I try tout connect on a Win10 Pc using the built in Windows client
The USG is connected upstream on a Dray Tech router and a DMZ has been configurate on 192.168.8.2 and my computer IP is 90.0.142.50
I am sending you log of the screen
shot
I have tried to modify the parameter UDP LEN ATTACK in ADP but it is the same.
What can you suggest
0 -
Disable ADP and see if it connects
is the connecting device set with Jumbo packet disabled or set to 1514
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 149 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 264 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 41 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight
