Ipsec via main GW stops work, Found old outbound SPI error in debug log
All Replies
-
Hi @alexey
When the issue occur again, please don’t change interface IP and keep the symptoms, we will check it immediately.
Don't miss this great chance to upgrade your Nebula org. for free!
0 -
This is not real. We need that sites was avaible every time.
So I must change gw/ip.
0 -
Problems still persist. 2 vti in dead state. GWs are avaible.
0 -
2 ZW USG 1100. Less than 3 hours of work each. 1 of 2 VTI stops working.
Can't see each other. Other 15 VTIs work.
Caps from VTI.
0 -
Hi @alexey,
It works fine as now after we added another policy to block abnormal traffic coming up to USG interface.Also, we found out that, the connectivity check packet lost in ISP routing. You may check with ISP about it.
A send connectivity check packet to B, B receiver the packet, and did reply.
However, A got no response from B.
Don't miss this great chance to upgrade your Nebula org. for free!
0 -
Hi again. Today this situation returned again on 1 site. Both gw available, but vpn via main dont work. Help only switch ipsec vpn.
0 -
+1 to this count today
0 -
Hi @alexey
I will contact with you via private message to check if it is same as before that related to CC packets lost in ISP routing.
Don't miss this great chance to upgrade your Nebula org. for free!
0 -
This happened again today. USG 1100 fw 4.620
Categories
- All Categories
- 414 Beta Program
- 2.2K Nebula
- 131 Nebula Ideas
- 91 Nebula Status and Incidents
- 5.4K Security
- 179 USG FLEX H Series
- 258 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 36 Wireless Ideas
- 6.2K Consumer Product
- 236 Service & License
- 372 News and Release
- 79 Security Advisories
- 24 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 80 About Community
- 69 Security Highlight