[NEBULA] VPN L2TP AND CLOUD AUTHETICATION USERS

snowbike
snowbike Posts: 10  Freshman Member
Zyxel Certified Network Administrator - Security First Comment Friend Collector Sixth Anniversary
edited April 2021 in Nebula
HI all
i have upgraded my nsg50 to latest firmware..
i have created a new vpn user in cloud user, i have setup l2tp config on nsg (preshared, subnet etc)
i have created a new connection on my win10 laptop.. it doesn't work, i receive an error with this connection..
on gateway logs i receive this error: [ID] : Tunnel [L2TP_Client_VPN] Phase 2 Local policy mismatch
how can i resolve this issue??
thanks
«1

Comments

  • ivers
    ivers Posts: 45  Freshman Member
    First Comment First Answer Friend Collector Fifth Anniversary
    @snowbike
    I can dial-up the tunnel like below, is your NSG use the private IP and locate behind the NAT server?


  • snowbike
    snowbike Posts: 10  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment Friend Collector Sixth Anniversary
    hi ivers..
     yes my nsg use private ip ... on internet router i have created a dmz from router to my nsg.. so all port are redirect on my private ip.. 
    on security config in client side, i tryed all possible configuration but it doesn't work
  • Zyxel_Chris
    Zyxel_Chris Posts: 705  Zyxel Employee
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 50 Answers
    edited July 2018
    Hello @snowbike
    In current stage we do not support the scenario that NSG behind the NAT server, however, don't worry we got the workaround for it. I will PM you.
    We'll soon have the feature enhancement on this part, as well!
  • snowbike
    snowbike Posts: 10  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment Friend Collector Sixth Anniversary
    thanks for all Nebula_Chris
  • snowbike
    snowbike Posts: 10  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment Friend Collector Sixth Anniversary
    @Nebula_Chris
    can you please email me a list of nebula command cli??
    thanks
  • Zyxel_Chris
    Zyxel_Chris Posts: 705  Zyxel Employee
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 50 Answers
    @snowbike
    We actually don't have the CLI list, the L2TP case is just the workaround to support this scenario temporary it's not a long term solution, but if you have any application that NCC cannot do then it's welcome to have the converstaion in here or go to the support channel.
    We'll also listen to what the customer need and have the future improvement on those limitations.
    :) 

    BTW, is your L2TP can work now ?
  • snowbike
    snowbike Posts: 10  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment Friend Collector Sixth Anniversary
    no chris, but is not urgent, so i think that i wait future improvement.. thanks a lot fro support  
  • Zyxel_Chris
    Zyxel_Chris Posts: 705  Zyxel Employee
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 50 Answers
    edited July 2018
    Hello @snowbike
    I have private message you on yesterday and have attached the relevant document, too.
    Have you receive it?
    Please private message me If you have encounter any difficulty with the SOP.
  • Nicola_P
    Nicola_P Posts: 3  Freshman Member
    First Comment
    Hello I have the same scenario, can I have more info on the workaroud?
  • Zyxel_Chris
    Zyxel_Chris Posts: 705  Zyxel Employee
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 50 Answers
    Hello @Nicola_P
    Sure! I will PM you, please check your inbox~  :3

Nebula Tips & Tricks