How the client can distinguish between 2 IPsec Gateway both with dynamic remote peer
I have 2 IPsec Gateway on USG60 one is used for Site-to-Site VPN the other is for L2TP. Both have different VPN Connection with separated internal subnets. Both have dynamic peer address for remote gateway. The Site-to-Site is the first in the row, and when my phone wants to connect via L2TP I got the message "Invalid payload type in encrypted payload chain" as it check the preshare key with the Site-to-Site VPN Gateway preshare key. The L2TP works in case I deactivate the Site-to-Site Gateway.
0
All Replies
-
0
-
It's different,
Site-to-Site is:
AES256-SHA1
L2TP is:1. 3DES SHA12. 3DES MD53. DES SHA10 -
@ZyxelZoli
As Zyman2008 mentioned, set the phase 1 proposal of Site-to-Site rule different with L2TP/IPSec rule, so these two scenarios will be separated.
Can you private message the remote access for check further?0
Sign In to comment.
Howdy, Stranger!