VPN BETWEEN ZYXEL ATP200 AND FRITZBOX! 7590

13»

All Replies

  • zyman2008
    zyman2008 Posts: 219  Master Member
    25 Answers First Comment Friend Collector Seventh Anniversary
    @Kepir
    Disable the 1st policy route.

  • Kepir
    Kepir Posts: 16  Freshman Member
    First Comment Friend Collector First Anniversary
    zyman2008 said:
    @Kepir
    Disable the 1st policy route.

    Thank you,

    but still the same problem.
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,377  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    Hi @Kepir
    What's your client IP address and destination IP address in your test?
    In current VPN setting, USG could handle route traffic from "172.16.0.0/22"  to "192.168.178.0/24".
    If your IP address doesn't include in these IP segments, then traffic route will not work.
  • Kepir
    Kepir Posts: 16  Freshman Member
    First Comment Friend Collector First Anniversary
    Hello Stanley,
    Source ip is 192.168.178.188 and 172.16.0.5 for Destination.
  • Kepir
    Kepir Posts: 16  Freshman Member
    First Comment Friend Collector First Anniversary
    And,

    as you can see in the images the ping from usg ( 172.16.0.1 )  to fritzbox ( 192.168.178.1 ) also did not work, 
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,377  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary
    Hi @Kepir
    For troubleshoot this issue, it requires captures the packets on both of PCs on each sites.
    Is any capture tools on FRITZBOX! ?
    You can send ICMP from USG site PC (172.16.0.X) to 192.168.178.X and make sure if "Outbound" traffic has increased in Monitor > IPSec View.
    According to troubleshoot     FRITZBOX! site, you may contact to FRITZBOX support's help continually.
  • Spyrtsat
    Spyrtsat Posts: 2  Freshman Member
    First Comment First Anniversary

    Hello,

    I have been having the same issue with a usg 110 and a fritzbox 7590AX. I was able to establish site to site connection although only if i used "Any" in the "Peer ID Type"of the VPN Gateway. Using IPv4 and the wan IP of the fritzbox was giving me the error "Phase 1 peer ID mismatch". Tried using the myfritz.net address too but was getting the mismatch error again.

    And similarly, after the connection was established i was unable to communicate between the two network. Pings from the fritzbox to the usg and the other way arround would time out and no access could be established to devices from the two networks.

    Can i please ask if there was a solution in the end for this issue?

    Any idea as to why it doesn't work with IPV4 Peer id type and it needs any?

    Thank you in advance.

    image.png

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)