[USG FLEX 100] VPN doesn't work
Freshman Member
Hello, the VPN stop working and I cannot fix it. Can someone help me?
This is the history log:
32 | 2024-12-26 12:13:43 | info | IKE | Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x1b4cb4f2] is disconnected | 192.168.1.254:500 | 
84.78.243.245:23355 | IKE_LOG |
|---|---|---|---|---|---|---|---|
33 | 2024-12-26 12:13:42 | info | IKE | Dynamic Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0xaa2df82c] rekeyed successfully | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
34 | 2024-12-26 12:13:42 | info | IKE | [ESP 3des-cbc|hmac-sha1-96][SPI 0xe9ac2823|0xaa2df82c][Lifetime 3620] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
35 | 2024-12-26 12:13:41 | notice | Security Policy Control | Match default rule, DROP | 
185.156.73.53:44835 | 192.168.1.254:4489 | ACCESS BLOCK |
36 | 2024-12-26 12:13:39 | notice | Security Policy Control | Match default rule, DROP | 192.168.1.1:49021 | 192.168.1.254:137 | ACCESS BLOCK |
37 | 2024-12-26 12:13:39 | info | IKE | Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x7fd1104a] is disconnected | 192.168.1.254:500 |
84.78.243.245:23355 | IKE_LOG |
38 | 2024-12-26 12:13:38 | notice | Security Policy Control | Match default rule, DROP | 192.168.1.1:48639 | 192.168.1.254:137 | ACCESS BLOCK |
39 | 2024-12-26 12:13:38 | info | IKE | Dynamic Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x1b4cb4f2] rekeyed successfully | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
40 | 2024-12-26 12:13:38 | info | IKE | [ESP 3des-cbc|hmac-sha1-96][SPI 0x7b60ea8c|0x1b4cb4f2][Lifetime 3620] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
41 | 2024-12-26 12:13:38 | info | IKE | Send:[HASH][DEL] [count=6] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
42 | 2024-12-26 12:13:36 | info | IKE | Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x136f7810] is disconnected | 192.168.1.254:500 |
84.78.243.245:23355 | IKE_LOG |
43 | 2024-12-26 12:13:36 | info | IKE | The cookie pair is : 0x21cccad12765a1c4 / 0x52a69420f4372655 [count=3] | 192.168.1.254:500 |
84.78.243.245:23355 | IKE_LOG |
44 | 2024-12-26 12:13:35 | info | IKE | Dynamic Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x7fd1104a] rekeyed successfully | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
45 | 2024-12-26 12:13:35 | info | IKE | [ESP 3des-cbc|hmac-sha1-96][SPI 0x398ea70d|0x7fd1104a][Lifetime 3620] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
46 | 2024-12-26 12:13:35 | info | IKE | Recv:[HASH][DEL] [count=3] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
47 | 2024-12-26 12:13:35 | info | IKE | Dynamic Tunnel [RemoteAccess_L2TP_Wiz:L2TP_VPN_Connection:0x136f7810] built successfully | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
48 | 2024-12-26 12:13:35 | info | IKE | [ESP 3des-cbc|hmac-sha1-96][SPI 0xbf4c8889|0x136f7810][Lifetime 3620] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
49 | 2024-12-26 12:13:35 | info | IKE | [Policy: ipv4(udp:1701,92.56.48.166)-ipv4(udp:1701,192.168.42.53)] [count=4] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
50 | 2024-12-26 12:13:35 | info | IKE | [Responder:192.168.1.254][Initiator:84.78.243.245] [count=4] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
51 | 2024-12-26 12:13:35 | info | IKE | Recv:[HASH] [count=4] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
52 | 2024-12-26 12:13:34 | info | IKE | Send:[HASH][SA][NONCE][ID][ID][PRV][PRV] [count=4] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
53 | 2024-12-26 12:13:34 | info | IKE | Recv TSi: ipv4(udp:1701,192.168.42.53), TSr: ipv4(udp:1701,92.56.48.166). [count=4] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
54 | 2024-12-26 12:13:34 | info | IKE | Recv IPSec sa: SA([0] protocol = ESP (3), spi_len = 4, spi = 0x00000000, AES CBC key len = 256, HMAC-SHA1-96, No ESN, AES CBC key len = 128, 3DES, DES, NULL; ). [count=4] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
55 | 2024-12-26 12:13:34 | info | IKE | Recv:[HASH][SA][NONCE][ID][ID][PRV][PRV] [count=4] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
56 | 2024-12-26 12:13:34 | info | IKE | Phase 1 IKE SA process done | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
57 | 2024-12-26 12:13:34 | info | IKE | Send:[ID][HASH] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
58 | 2024-12-26 12:13:34 | info | IKE | The cookie pair is : 0x21cccad12765a1c4 / 0x52a69420f4372655 [count=28] | 192.168.1.254:4500 |
84.78.243.245:4500 | IKE_LOG |
59 | 2024-12-26 12:13:34 | info | IKE | Recv:[ID][HASH] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
60 | 2024-12-26 12:13:34 | info | IKE | The cookie pair is : 0x52a69420f4372655 / 0x21cccad12765a1c4 [count=12] |
84.78.243.245:4500 | 192.168.1.254:4500 | IKE_LOG |
61 | 2024-12-26 12:13:34 | info | IKE | Send:[KE][NONCE][PRV][PRV] | 192.168.1.254:500 |
84.78.243.245:23360 | IKE_LOG |
62 | 2024-12-26 12:13:34 | info | IKE | Recv:[KE][NONCE][PRV][PRV] |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
63 | 2024-12-26 12:13:34 | info | IKE | Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID] | 192.168.1.254:500 |
84.78.243.245:23360 | IKE_LOG |
64 | 2024-12-26 12:13:34 | info | IKE | The cookie pair is : 0x21cccad12765a1c4 / 0x52a69420f4372655 [count=2] | 192.168.1.254:500 |
84.78.243.245:23360 | IKE_LOG |
65 | 2024-12-26 12:13:34 | info | IKE | Recv IKE sa: SA([0] protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1 PRF, HMAC-SHA1-96, 384 bit ECP, AES CBC key len = 128, 256 bit ECP, 2048 bit MODP, 3DES, 1024 bit MODP; ). |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
66 | 2024-12-26 12:13:34 | info | IKE | Recv:[SA][VID][VID][VID][VID][VID][VID][VID][VID] |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
67 | 2024-12-26 12:13:34 | info | IKE | The cookie pair is : 0x52a69420f4372655 / 0x21cccad12765a1c4 [count=2] |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
68 | 2024-12-26 12:13:34 | info | IKE | Recv Main Mode request from [84.78.243.245] |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
69 | 2024-12-26 12:13:34 | info | IKE | The cookie pair is : 0x21cccad12765a1c4 / 0x0000000000000000 |
84.78.243.245:23360 | 192.168.1.254:500 | IKE_LOG |
All Replies
-
Hello,
We have the same issue in my company since this monday, we've tried to replace the firewall with a new one but we weren't be able to fix it too. 😶
Regards.
0 -
Hi @Brandix,
It is more likely the VPN client has some problem that cannot connect to the VPN. Could you share the error message the VPN client displayed?
Also, please help provide the device configuration and the detailed topology between the firewall and the VPN client so we can further check.
Zyxel Melen0 -
Hi @JC____37,
Please describe more details so we can help you. Like the symptom, device's logs and configuration, client's logs or error message, and the detailed topology between the firewall and the VPN client.
Zyxel Melen0 -
Hello,
The problem has been finally solved on our side. Someone desactivated "L2TP feature" inside the "VPN site by site" nebula menu.
Thks for your reply, regards.
0 -
Hi @JC____37,
Thanks for updating. That's terrifying. I suggest you edit the admin privilege to read-only for that account to avoid this issue happening again.
Zyxel Melen0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 150 Nebula Ideas
- 97 Nebula Status and Incidents
- 5.7K Security
- 268 USG FLEX H Series
- 273 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 41 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 388 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 74 Security Highlight
