IPSec Tunnel: info about remote endpoint
USG60 is connected via IPSec to other Firewalls: 2 old USG20, 1 USG40, 1 USG20-VPN.
With newer device AND IKEv1 tunnel i were able to read info about remote endpoint.
Now USG40 use 2 IKEv2 tunnels (one for LAN1, one for LAN2 which is on a different subnet), but info of the remote endpoint (hostname, serial number) is not readable anymore from VPN Status, just like IKEv1 tunnels to USG20.
It's just cosmetic, and it worked when there was only 1 IKEv1 tunnel between USG60 and USG40. Now not anymore.
All Replies
-
Hi @mMontana,
Build two IKEv2 tunnels between USG40 and USG60.
The serial number and system name are shown on the VPN monitor.
Build one IKEv1 tunnel between USG40 and USG60.
The serial number and system name are shown on the VPN monitor.
Could you share the screen shot of the problem with us?
1 -
Here you are
Into blue square two tunnels to USG40, with IKEv2 gateway. Into green square, the tunnel to USG20-VPN. Other Ones are USG20 tunnels.
0 -
Hi. Same issue.
After long time info about remote point are missing.
This from 1 site connected by 2 vti in 1 trunk.
USG20W-vpn & USG1100.
0 -
-
On which side shoud be applied?
Both?
0 -
Hi @mMontana,
Yes, the date firmware should be applied to both sides.
I will send the firmware to you for verification after the issue is fixed.
0 -
-
I'll try to update and test during late december. This is just cosmetic issue currently.
0 -
On test V4.35(AAPK.0)ITS-WK46-r90773 all was good. After update to
V4.35(AAPK.3) info about remote peer start missing again.
0 -
Hi Zyxel_Emily alexey and mMontana FWIW, on our USG routers at V4.35 (xxx) we can confirm using cli show sa monitor command...
- IKEv2 IPSEC Client-to-Site and IPSEC IKEv1 L2TP clients- DO NOT SHOW Serial numbers and HOST names of USG appliances.
- However out Site-Site VTI DO show serial numbers and USG HOST names
Using the show sa monitor command - works great
Router> show sa monitor
HTH
Warwick
Hong kong
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight