IPSecVPN issue on Zyxel 1100 Firewall
Options
Freshman Member
I have two Zyxel 1100 series firewalls, one at location A and one at location B. About two months ago, I set up IPSecVPNs between the sites and it worked great on the first try.
After that, site 1 got some new static IPs so I went in and made the changes on the VPN gateway and entered the new IP.
The VPN will not connect.
In my log, I see the attempted connection and the Message is Match Default Rule, DROP and the note is ACCESS BLOCK.
I'm feeling like it's a Security Policy > Policy Control, but I have a rule allowing IPSecVPN out so I'm lost as to how to troubleshoot.
Can anyone lend a hand?
Thank you.
After that, site 1 got some new static IPs so I went in and made the changes on the VPN gateway and entered the new IP.
The VPN will not connect.
In my log, I see the attempted connection and the Message is Match Default Rule, DROP and the note is ACCESS BLOCK.
I'm feeling like it's a Security Policy > Policy Control, but I have a rule allowing IPSecVPN out so I'm lost as to how to troubleshoot.
Can anyone lend a hand?
Thank you.
0
Accepted Solution
-
Hi @CRP0499,
Welcome to Zyxel community.
Don’t forget to change phase 1 peer ID on site 2 if you change site 1 interface IP.
Check Site2 VPN phase 1 profile peer IP. It must match peer wan IP.
0
Zyxel Employee
All Replies
-
Hi @CRP0499,
Welcome to Zyxel community.
Don’t forget to change phase 1 peer ID on site 2 if you change site 1 interface IP.
Check Site2 VPN phase 1 profile peer IP. It must match peer wan IP.
0
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 211 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 545 USG FLEX H Series
- 341 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 52 Wireless Ideas
- 6.9K Consumer Product
- 295 Service & License
- 465 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.7K FAQ
- 34 Documents
- 87 About Community
- 99 Security Highlight
