IPSec VPN Site to Site
Freshman Member
Hello,
I'm trying to connect 2 sites through Zywall 110 (VPN site-to-site), but I don't understand why they dont work.
VPN connection are both connected.
I setup route for VPN connection.
In local site, when I try to connect to remote Zywall, I can't see anything in the remote Zywall log.
In remote site, when I try to connect to local Zywall, I can see connection on local Zywall log, but cant connect to it.
I have the impression that the local site does not allow to go out to the VPN, although a route has been created.
Do you have any idea of my misconfiguration ?
Thanks,
Geoffrey.
I'm trying to connect 2 sites through Zywall 110 (VPN site-to-site), but I don't understand why they dont work.
VPN connection are both connected.
I setup route for VPN connection.
In local site, when I try to connect to remote Zywall, I can't see anything in the remote Zywall log.
In remote site, when I try to connect to local Zywall, I can see connection on local Zywall log, but cant connect to it.
I have the impression that the local site does not allow to go out to the VPN, although a route has been created.
Do you have any idea of my misconfiguration ?
Thanks,
Geoffrey.
0
All Replies
-
@IPO
Regarding to this case,
if the topology is SiteA----VPN-----SitB, on Site A, you need to create the policy routing Source: any, Destination: SiteB's local subnet, next Hop: tunnel, VPN profile. On siteB, vice versa.
After complete the setting, and established VPN connection, you can enter remote local IP to access Peer device.
Charlie0 -
Hi,
Thanks for your answer.
This route is already created :
IPO-IN-ZOLA is the SiteB subnet, 192.168.6.0/24
SiteA subnet is 172.16.0.0/16
I tried to configure route like that :
But not working too.
The firmware is up to date, v4.33(AAAA.0) on the 2 sites.0 -
HI, IPO.When you access the USG, in security policy/Policy Control exist many rules that are default.See if exist a rule that allow the traffic from TUNNEL to Zywall.0
-
Hi,
The default rules allow connection.
When I disabled policy control, they does'nt work too.
For information, i've already a VPN site-to-site which is working between SiteB to SiteC, I done the same rules and parameters, without success...0 -
Re,
I found the problem, it's my DNS server !
When I dont use my local DNS server, it's working fine !
Now I have to find why...
Anyway, no problem with my Zywall, so I can close this topic.
Thanks for your help !0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 145 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
