USG 110 L2TP VPN behind companion nat firewall

maximp Posts: 2  Freshman Member
edited April 2021 in Security

this thing is driving me crazy...
I've a USG 110 and configured L2TP over IPSec. I connect a Windows 10 Client on the WAN network and it completes VPN connection succesfuly.
Then I connect the same client on the public network (behind a NAT firewall that's the default gateway of the USG110), and simply change the IP address (on client side) and the local policy rule (on USG side) to match the same public IP. Companion firewall supports VPN passthrough and I forwarded IKE and L2TP ports to USG. In this configuration the VPN cannot connect. Looking at USG logs, seems that IPSec connects correctly, then L2TP loops continuosly between "tunnel disconnected" and "dynamic tunnel rekeyed succesfuly", until it times out. I can't see any useful error message to drive me in the right direction....

Any idea of what should I check ?




Security Highlight