Flex 200 - L2TP Pre-shared Key
Ally Member
I want to be sure I understand how the router isolates Preshared Keys.
It is my understanding each defined gateway can have it's own unique key.
So an ipsec site-to-site gateway can have it's unique key and my l2tp gateway can have it's own unique key.
Currently I cannot create an l2tp vpn unless the pre shared key is the same as the
defined ipsec site-to-site key.
Feels like a bug. I would expect each tunnel to operate separately with it's own
unique key.
All Replies
-
From what I understand is the Preshared Key happens after setting up encryption to relay the key at which point it fails to match however as found out if the connecting side needs to encryption or Authentication at a given level
Say
Phase 1
Encryption AES256
Authentication SHA256
Preshared Key 1
Then another
Phase 1
Encryption AES256
Authentication SHA1
Preshared Key 2
Then you can have two site to site
or use peer ID type IPv4
or vote for this for DNS FQDN way
https://community.zyxel.com/en/discussion/22111/fqdn-by-dns-lookup-for-peer-id-type#latest
0 -
Let me phrase differently.
If I have a site-to-site vpn using 1234567890 as my preshared gateway key.
and
I have an L2TP vpn using soccerball as my preshared key.
If the site to site is off, shouldn't the l2tp sync up using the soccerball key?
So far it will not.
However, if I change the soccerball key to 1234567890, the L2TP connects.
I will test on a couple other Flex 200's, I have several, and it seems that they behave different.
Thanks Peter
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
