Cannot access internal resources after IKEv2 VPN connection is established
Hi dear ZYXEL admin team! I am so new to Zyxel and have one problem. Please be so kind as to help me and explain what is wrong in my config, because with a self-signed IKEv2 certificate installed on my own PC I can connect to the Zyxel USG 40W device, the connection is established, and I get a vpn_range IP address, but I cannot receive any packets (I only see sent packets) and cannot reach internal resources; for example, I cannot connect to the internal server via RDP.
All Replies
-
I still read and watched manuals about how to establish connections with IKEv2 VPN and the USG 40, but now it does not connect any more, and the only thing I can see is "IKE authentication credentials are unacceptable". What is wrong? I watched Zyxel's video manual from here https://www.youtube.com/watch?v=xvl346kttys .... I cannot understand...
Please Help Me!!!
0 -
Hi @Iraklizh ,
I followed the video and set it up step by step; the tunnel built up successfully, and I can ping the LAN host without issue.
Can you post the USG error log from when you connect?
BTW, the certificate must be imported to “Computer account” instead of “My user account”. The tunnel will fail to build up if you import it to “My user account”.
Windows certificate snap-ins
USG log at “Monitor > Log”
0 -
I did it both for my computer and my user account :(. I will try to resolve it, but here is what happened next: I tried to set up L2TP VPN. The user connects by L2TP VPN and the connection is established, but again I have no access to remote network resources; I cannot ping any remote machines there by their address.
0 -
And I saw in the monitor that my computer connected by L2TP, the user logged in, and an IP address was assigned (192.168.2.1), but my remote subnet is the 192.168.1.0/24 network and the remote device there is 192.168.1.200. If I set the L2TP_VPN_Range addresses from 192.168.1.220-1.230, the situation is the same. What am I doing wrong? I cannot understand. Sorry. That is why I need your help.
0 -
I can now ping the default gateway on the remote subnet, and when I go to the internet, I go there via the remote public IP. All this is OK, but my issue is access to the RDP server in this remote network. The address of the remote network RDP server is 192.168.1.200, and when I am connected by L2TP VPN I cannot ping it; also, other devices connected in the remote LAN cannot be pinged from my connected PC via VPN.
0 -
Hi @Iraklizh ,
Please assign another pool for the L2TP client. There is no need to assign the same subnet as the LAN subnet 192.168.1.X/24.
Also, 192.168.2.X/24 is another interface subnet in the USG. Don’t use either subnet for the L2TP pool.
You can set the L2TP pool to 192.168.99.20~40 and try it again.
0 -
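The pool advice in the reply above can be checked before a range is entered on the gateway. This is an added example, not part of the original thread and not Zyxel code; the function names, the `other_interface` label and the full-form ranges passed to it are assumptions made for illustration.

```python
import ipaddress

# Interface subnets named in the thread: the LAN and the second USG interface.
INTERFACE_SUBNETS = {
    "lan": ipaddress.ip_network("192.168.1.0/24"),
    "other_interface": ipaddress.ip_network("192.168.2.0/24"),
}


def parse_pool(text):
    """Parse 'first-last' (two full addresses) or 'first~N', where N is
    the last octet of the final address, into (first, last)."""
    sep = "~" if "~" in text else "-"
    start_s, end_s = (part.strip() for part in text.split(sep, 1))
    first = ipaddress.ip_address(start_s)
    if "." in end_s:
        last = ipaddress.ip_address(end_s)
    else:
        # Shorthand such as 192.168.99.20~40: reuse the first three octets.
        last = ipaddress.ip_address(start_s.rsplit(".", 1)[0] + "." + end_s)
    if last < first:
        raise ValueError(f"pool end {last} is below pool start {first}")
    return first, last


def pool_conflicts(pool_text, subnets=INTERFACE_SUBNETS):
    """Return the names of interface subnets that the pool range touches."""
    first, last = parse_pool(pool_text)
    conflicts = []
    # An arbitrary range is not one CIDR block, so split it into blocks
    # and test each block against every interface subnet.
    for block in ipaddress.summarize_address_range(first, last):
        for name, net in subnets.items():
            if block.overlaps(net) and name not in conflicts:
                conflicts.append(name)
    return conflicts


if __name__ == "__main__":
    # Constructed sample ranges, written out in full form.
    for pool in ("192.168.1.220-192.168.1.230",
                 "192.168.2.1-192.168.2.10",
                 "192.168.99.20~40"):
        hits = pool_conflicts(pool)
        print(pool, "->", "conflicts with " + ", ".join(hits) if hits else "ok")
```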
OK, thanks, will try this article.