Having trouble to use USG20-VPN as an IPSec client to Corporate SeGW

goldentiger

Hi, I have tried to use USG20-VPN as an IPSec client to corporate SeGW, but no success. Even though I know the pre-shared key is correct, IKE_Log always shows Authenticate failed. Here is the detailed IKE_Log.

19	2018-11-16 08:54:57	info	IKE	IKE SA [WIZ_VPN] is disconnected	24.126.78.126:500	96.37.189.196:500	IKE_LOG
20	2018-11-16 08:54:57	info	IKE	[SA] : Authentication failed	96.37.189.196:500	24.126.78.126:500	IKE_LOG
21	2018-11-16 08:54:57	info	IKE	[AUTH] Recv:[NOTIFY]	96.37.189.196:500	24.126.78.126:500	IKE_LOG
22	2018-11-16 08:54:57	info	IKE	[AUTH] Send:[IDi][CERTREQ][IDr][AUTH][SAi2][TSi][TSr][NOTIFY][NOTIFY][NOTIFY][NOTIFY]	24.126.78.126:500	96.37.189.196:500	IKE_LOG
23	2018-11-16 08:54:57	info	IKE	The cookie pair is : 0x53d48f281c603c35 / 0x943ed46d3a7563c1 [count=2]	24.126.78.126:500	96.37.189.196:500	IKE_LOG
24	2018-11-16 08:54:57	info	IKE	[INIT] Recv:[SA][KE][NONCE][VID][VID][NOTIFY][NOTIFY][CERTREQ][NOTIFY][VID]	96.37.189.196:500	24.126.78.126:500	IKE_LOG
25	2018-11-16 08:54:57	info	IKE	The cookie pair is : 0x943ed46d3a7563c1 / 0x53d48f281c603c35 [count=3]	96.37.189.196:500	24.126.78.126:500	IKE_LOG
26	2018-11-16 08:54:57	info	IKE	[INIT] Send:[SAi1][KE][NONCE][NOTIFY][NOTIFY][VID][VID][VID]	24.126.78.126:500	96.37.189.196:500	IKE_LOG
27	2018-11-16 08:54:57	info	IKE	Tunnel[WIZ_VPN:WIZ_VPN] Send IKEv2 request	24.126.78.126:500	96.37.189.196:500	IKE_LOG
28	2018-11-16 08:54:57	info	IKE	The cookie pair is : 0x53d48f281c603c35 / 0x0000000000000000 [count=2]	24.126.78.126:500	96.37.189.196:500	IKE_LOG

Can someone shed some lights on how to configure USG20-VPN as an IPSec client using IKEv2?

#Biz_Security_Nov_2018

Zyxel_Emily

Hi @goldentiger,

To build VPN tunnel between USG20-VPN and other firewall/gateway, you need to adjust some parameters on both devices to make it work.

We need more information to check why the VPN tunnel is not established.

I will send you a private message and let you know what information we need.