What's wrong with Site-to-Site VPN on Nebula Control Cente?

Zyxel_Irene
Zyxel_Irene Posts: 118  Zyxel Employee
5 Answers First Comment Friend Collector First Anniversary
When Site-to-Site VPN tunnel cannot be established successfully, please check the following actions,

  • If your Nebula Security Gateway (NSG) is behind NAT/Router,
  1. Go to Configure > Security gateway > Site-to-Site VPN and switch the Nebula VPN enable from off to on
  2. Check your NAT traversal, please enter your public IP in the block.
  • If your Nebula Security Gateway (NSG) is with public IP or you already have the correct NAT traversal,
  1. Go to Gateway > Monitor > Event log, and filter through VPN Category 
  • Remote IP mismatch: you configure the incorrect IP or NAT
  • NO_PROPOSAL_CHOSEN:  check IPsec policy (phase 1 and phase 2 setting) and Preshared secret are same in local and peer side. 

Tagged: