Flex500H IPSec VPN Issue

Fred_77
Fred_77 Posts: 141 image  Ally Member
5 Answers First Comment Friend Collector Fourth Anniversary
in USG FLEX H Series

Hi all,

Here's my problem: It's not possible to connect remotely to the IPSec VPN (client to site) if the peer IP address is not the main one. (Configured as secondary in my scenario).
Never had problem with usg/atp using wan virtual intercaces.

Is it a normal behavior on H Series?

Regards

Lorenzo

image.png

Accepted Solution

  • PeterUK
    PeterUK Posts: 4,139 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    Answer ✓

    This would be remote access VPN?

    Don't use Incoming Interface as Interface use Domain Name / IP with 0.0.0.0 and NAT Traversal even if your not behind NAT your WAN IP or Domain Name.

    See if that works

All Replies

  • PeterUK
    PeterUK Posts: 4,139 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    Answer ✓

    This would be remote access VPN?

    Don't use Incoming Interface as Interface use Domain Name / IP with 0.0.0.0 and NAT Traversal even if your not behind NAT your WAN IP or Domain Name.

    See if that works

  • Fred_77
    Fred_77 Posts: 141 image  Ally Member
    5 Answers First Comment Friend Collector Fourth Anniversary

    Thanks @PeterUK for your advice.

    It works now.

    Curious to know why selecting "interface", secondary ip is ignored… anyway..

    Thanks again

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)