VPN2S Behind Cisco Router
Hi all,
Sorry if this question has already been asked but couldn't find an answer. I have a VPN2S sat behind a Cisco 887 that is handling the broadband configuration and management.
I have opened port 500 and 4500 UDP to the WAN port IP address on the VPN2S (192.168.1.65). I have then used the wizard to configure the VPN gateway (IPSEC VPN) as a Server role (I'm wanting my laptop and desktop at a co-working space to connect to that location my firewall is at and breakout to the internet from there)
I have then loaded the IPSec VPN client on to my laptop, configured it for Ikey1 but no matter what I do I cannot seem to get it to connect. I have tried connecting internally at the firewall locations, external at the co working space and on a 4G connection.
Error message I get is:
"VPN client gave up the connection. Retry to open the tunnel."
Not sure how to overcome this? Any help with configuration would be much appreciated.
Thanks
David
All Replies
-
Hi @DavidDWM ,
Welcome to Zyxel community
Please refer to the topology and related settings below:
(10.10.10.2)PC A==== VPN2S ===== USG60 (router)==== Internet========USG210 =====PC B(192.168.10.33)
Setup settings on USG210
WAN : 10.214.48.29
LAN 192.168.10.1
IPSec VPN settings
After setup VPN wizard on USG210, please check the CONFIGURATION > VPN > IPSec VPN > VPN Gateway > Show Advanced Settings > Authentication > Peer ID Type
Setup VPN2S settings
WAN :192.168.50.33
LAN : 10.10.10.1
IPsec VPN settings
After setup VPN wizard on VPN2S, please check the CONFIGURATION Site Map> VPN > IPSec VPN > Gateway Configuration > Edit the Gateway Configuration > Authentication > Advanced > Peer ID Type
In your scenario, VPN2S is behind NAT and the NAT router is Cisco 887,
After setup VPN wizard on both site, it have to do NAT settings on Cisco router.
Here is the example of how to setup NAT on the router.
Setup NAT Router
USG60 settings (router)
WAN :10.214.48.30
LAN : 192.168.50.1
NAT settings
Test Result
PC A ping PC B
PC B ping PC A
Engage in the Community, become an MVP, and win exclusive prizes!
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight