[NEBULA] VPN Connectivity Check
Dear Nebula Team,
We have designed VPN solution as following.
HQ > USG Series (VPN Server Role)
LAN IP: 192.168.1.1/24
BR1 > NSG100 (VPN Client Role)
LAN IP: 192.168.2.1/24
BR2 > NSG100 (VPN Client Role)
LAN IP: 192.168.3.1/24
After setup VPN and all site tunnel has already connected. But the tunnel uptime can be count to 180sec after that VPN tunnel will be disconnect and reconnect again.
I have to check configuration on NSG by CLI the connectivity IP is not correct.
“conn-check 192.168.1.0 method icmp period 60 timeout 10 fail-tolerance 3 action log”
We don’t have IP 192.168.0.0 in destination network and parameter of fail-tolerance set to 3 time that mean why NSG can reach tunnel uptime 180 secs (60 x3) then always start to reconnect.
The question is.
1. How to solved this?
2. Can you add connectivity feature setting on NCC?
Thank you.
Comments
-
0
-
Here you are.
0 -
Hi @kiattikorn
This screenshot is USG setting, and may I have the screenshot from NCC, like the below pic. Then I can check your Private subnet.
0 -
0 -
Hi @kiattikorn
In our current design, users need to input a reachable IP address in the Private subnet field (e.g: if IP on peer side is 192.168.1.254/24, please set Private Subnet to 192.168.1.254/24.), this IP will be used for ping check by the device.
1 -
Hi @kiattikorn
I hope everything is good on your side!
I would like to move your post to Nebula Security Gateway session to let more users can know how to configure when they have the same symptoms!
0 -
Hi Irene,
Thank you for you prompt respond.
1
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight