USG60 <> USG200 Site2Site VPN stopped working after WAN IP change
All Replies
-
Okay these seem to have been transient issues.
I restarted the USSG60 once again between my last post and now (it was restarted before my last post) without any configuration changes and it works now. Key handshake runs on USP4500 now as expected. All other stages of the VPN work.
I think my USG 60 at the branch office had some latent borked configuration. After the first reboot, some changes from the past few months (without reboots) were gone. Nothing too major, but odd nevertheless. Good thing we are switching to a newer USG200 here soon.
Special thanks to PeterUK who brought me on the right track.
0 -
No putting one behind NAT will use port 4500 as the tunnel port 500 is used for exchange keys
Can you check by packet capture on the USG you are sending and receiving either 4500 or protocol 50 when sending ping
its also possible your ISP beyond support knows nothing of the block and just tell you ESP is not blocked
Edit: I see its all working😁
0
Freshman Member
Guru Member
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 76 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 898 Nebula FAQ
- 415 Security FAQ
- 234 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight
