VPN ipsec works for only 1/2 user, no more
Gianfilippo
Posts: 6
Hi, this is my situation.
Office with usg40, server and pc.
Connecting from my home (or other place) to office with Zywall VPN ipsec Client works great (tunnel open and browse network lan) for first and second pc.
When I try with third or fourth pc simultaneously tunnel won't open.
Is a possible provider limitation?
In the modem isp I've open 500 and 4500 port.
Thanks
Office with usg40, server and pc.
Connecting from my home (or other place) to office with Zywall VPN ipsec Client works great (tunnel open and browse network lan) for first and second pc.
When I try with third or fourth pc simultaneously tunnel won't open.
Is a possible provider limitation?
In the modem isp I've open 500 and 4500 port.
Thanks
0
All Replies
-
Any help?0
-
Have you checked the IPsec VPN IP ranges of your USG40 is enough? and checked concurrent IPsec VPN session number of USG40? If the VPN IP range is too small or over maximum IPsec VPN concurrent tunnel may lead to this symptom. I found its specification may give you some reference.
https://www.zyxel.com/tw/zh/products_services/Unified-Security-Gateway-USG40-40W-60-60W/comparison
0 -
Yes checked, VPN ip ranges is 192.168.200.80 to 192.168.200.99 (20 pc) and I have problem with third or fouth pc.
Max. concurrent IPSec VPN tunnels in 20 for USG 40 (my model).
The problem seem appear when I connect 3-4 pc form the same external netrwork (same public IP).
If I connect 4 pc from 4 exterrnal network it works (4 different public IP).
How is possible?
Thanks0 -
Did you check the 20 tunnels all be occupied while you establish the third, fourth PC's IPsec VPN connection? Because I remember Monitor > VPN Monitor > IPsec VPN can check the VPN client connection status.
Or you can change the IPsec VPN of establishing connection order e.q.try the third, fourth PC establish IPsec VPN first and establish the first, second PC's IPsec VPN connection secondly.
0 -
Look at ip starting 87...
Two pc connected, connection impossible for third pc.
The ip starting 79... is from another network.
In this moment 3 pc simultaneously connected, but maximum 2 from same ip (same network).
I don't know why the second ip from 87... network not have port 4500 at the end...
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight