Zyxel USG Flex 100HP Site2Site
Freshman Member
Good day,
i do have a main network 192.168.99.x (Site A) which is connected via route based vpn IKEv2 to a remote network 192.168.100.x (Site B). The VPN connection is being established without any problems. After that i have tried to ping from both sites to the other and it works without any problems. But the SMB connection works only to site (B) and only sporadically. I have security policy on both sites being VPN - LAN, LAN-VPN. Site B is located behind an Speedport Hybrid Router where i have forwarded every possible port.
I have tried to decrease the MTU size for my WAN interfaces, but this did not help. With security policies being disabled, it does not work either.
Do you have any recommendations ?
Thank you very much in advance.
All Replies
-
Good day,
Thank you to everyone who took the time to review and consider my issue. I wanted to provide an update and close the discussion with the resolution I found.
After analyzing the network traffic, I discovered a significant number of retransmissions occurring between the two sites. This pointed to potential fragmentation issues. Following this, I retested various MTU sizes for my VTI interface.
By setting the MTU size to 1340 bytes, the SMB connection now works reliably across both sites.
I apologize for any inconvenience caused and appreciate any time or effort you may have spent on this. Hopefully, this solution might help someone facing a similar problem in the future.
Thank you again!
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 152 Nebula Ideas
- 100 Nebula Status and Incidents
- 5.8K Security
- 290 USG FLEX H Series
- 278 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 252 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 86 About Community
- 75 Security Highlight
