IPSec VPN Site to Site
Options
Hello,
I'm trying to connect 2 sites through Zywall 110 (VPN site-to-site), but I don't understand why they dont work.
VPN connection are both connected.
I setup route for VPN connection.
In local site, when I try to connect to remote Zywall, I can't see anything in the remote Zywall log.
In remote site, when I try to connect to local Zywall, I can see connection on local Zywall log, but cant connect to it.
I have the impression that the local site does not allow to go out to the VPN, although a route has been created.
Do you have any idea of my misconfiguration ?
Thanks,
Geoffrey.
I'm trying to connect 2 sites through Zywall 110 (VPN site-to-site), but I don't understand why they dont work.
VPN connection are both connected.
I setup route for VPN connection.
In local site, when I try to connect to remote Zywall, I can't see anything in the remote Zywall log.
In remote site, when I try to connect to local Zywall, I can see connection on local Zywall log, but cant connect to it.
I have the impression that the local site does not allow to go out to the VPN, although a route has been created.
Do you have any idea of my misconfiguration ?
Thanks,
Geoffrey.
0
All Replies
-
@IPO
Regarding to this case,
if the topology is SiteA----VPN-----SitB, on Site A, you need to create the policy routing Source: any, Destination: SiteB's local subnet, next Hop: tunnel, VPN profile. On siteB, vice versa.
After complete the setting, and established VPN connection, you can enter remote local IP to access Peer device.
Charlie0 -
Hi,
Thanks for your answer.
This route is already created :
IPO-IN-ZOLA is the SiteB subnet, 192.168.6.0/24
SiteA subnet is 172.16.0.0/16
I tried to configure route like that :
But not working too.
The firmware is up to date, v4.33(AAAA.0) on the 2 sites.0 -
HI, IPO.When you access the USG, in security policy/Policy Control exist many rules that are default.See if exist a rule that allow the traffic from TUNNEL to Zywall.0
-
Hi,
The default rules allow connection.
When I disabled policy control, they does'nt work too.
For information, i've already a VPN site-to-site which is working between SiteB to SiteC, I done the same rules and parameters, without success...0 -
Re,
I found the problem, it's my DNS server !
When I dont use my local DNS server, it's working fine !
Now I have to find why...
Anyway, no problem with my Zywall, so I can close this topic.
Thanks for your help !0
Zyxel Employee
Freshman Member
Categories
- All Categories
- 392 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 220 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight
