How I set two IKEv2 VPN connection on one VPN gateway?

BZS
BZS Posts: 2  Freshman Member
First Comment Friend Collector Second Anniversary
edited April 2021 in Security
Hi!
I have a ZYXEL ZyWALL 110 firewall.
I try to set two IKEv2 site to site VPN connection (with two different local subnet) on the same VPN Gateway.
My problem is that the two VPN connection does not work at the same time. The first connection work, if I set inactive the second connection and the second connection work, if I set inactive the first connection.
What is the solution?
Thanks your answers!

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @BZS,
    Welcome to Zyxel Community.  :)
    Two site to site VPN phase 2 connection linked to same VPN phase 1, it’s doable scenario.
    Can you activate both VPN phase 2 connection and post device VPN connection log.
    I would like to check IKE and IPSec VPN error log.  
     
    MONITOR > Log > View Log. 
    Key word x.x.x.x which is your peer firewall public IP, you can mask it when your post VPN log.

  • BZS
    BZS Posts: 2  Freshman Member
    First Comment Friend Collector Second Anniversary

    The two site to site vpn phase 2 connection linked to VPN phase 1 works well, but the same time only two VPN connection can to do work on the firewall.



    When I inactive another VPN connection, this VPN connection can to do work.


    Thank you
    BZS
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @BZS,
    Does the peer gateway Zywall/USG also have two IKEv2 site to site VPN connection? Or it just big subnet on phase 2 VPN local policy?
    Can you send me both site configuration file in a PM, I would like to conduct lab test based on your configuration file.
     

Security Highlight