usg60 to usg60 site-to-site ipsec vpn fail after firmware update 4.60 --> 4.70
tried down rev firmware 4.65 p0 and p1, no luck
tried 4.70 on one and 4.65 on the other, no luck
4.60 is no longer available on zyxel web site that I can find, so I cannot go back to what worked.
looking into another firewall brand as this is ridiculous.
however, I would be happy to stay with zyxel if they could tell me how to make this work again.0
I have a local site to site setup that works with with 4.70
When you upgrade to 4.70 there are two firmware slots so it should be possible to go back to the other one?
Their can be some reasons why it stopped working like IP change for the site to site or routing problem or ISP blocking VPN traffic can you allow ping on one USG then ping it by the other?
I was able to find old firmware which I will try tomorrow.
No IP changes, the vpn was working fine for years, then after the firmware update, we get connection but no data flow.
I'll be happy if we can get this to work again with old firmware. I understand that 4.60 has a serious issue with a hard coded username where the password cannot be changed.
This is bad news but if that is what I have to live with to get this VPN back for now, I will.
Suppose 192.168.1.33 ping 192.168.10.33 and ping failed. Use the command on each site to capture packets and check which site doesn't respond.
On Site A
lan1 is the subnet of the client 192.168.10.33.
On Site B
lan1 is the subnet of the client 192.168.1.33.0
Unbelievable, it must be documented somewhere but I have not seen it; the fastforward feature causes the ipsec vpn to fail, that's all it was, just uncheck that box and the vpn started working again.
I had forgotten I made that change as well as the firmware update. Rookie mistake; more than one change at a time. Oh well, its back and up to the latest 4.70 firmware rev. Thank you for your responses.
Where is this fastforward feature located?0
Configuration > System > Advanced0
- 8.4K All Categories
- 1.6K Nebula
- 70 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 226 Security Ideas
- 980 Switch
- 46 Switch Ideas
- 872 WirelessLAN
- 22 WLAN Ideas
- 5.1K Consumer Product
- 156 Service & License
- 280 News and Release
- 97 Success Stories
- 59 Security Advisories
- 13 Education Center
- 579 FAQ
- 262 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 74 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 46 Security Highlight