Hello. I would like to configure a test environment with a remote PC on the WAN, a Zyxel ZyWALL USG 210 router, and a Server 2022 with AD on the LAN. I would like to connect the remote PC to the router with IKEv2/IPsec and then join the AD server with LDAP. Since I can't join the AD with the router, I have to look for another way. I have configured everything so far, but I keep getting the same problem in the logs and don't know how to figure it out. Maybe someone who understands this can help me.

| # | Time | Priority | Category | Message | Source | Destination | Note |
|---|------|----------|----------|---------|--------|-------------|------|
| 1 | 2025-02-06 10:18:13 | info | IKE | IKE SA [IKEv2_server] is disconnected | 192.168.3.37:4500 | 192.168.3.76:4500 | IKE_LOG |
| 2 | 2025-02-06 10:18:13 | info | IKE | The cookie pair is : 0x4e1fb5f8d89dbd41 / 0xc76cf737255e5995 | 192.168.3.37:4500 | 192.168.3.76:4500 | IKE_LOG |
| 3 | 2025-02-06 10:17:41 | info | IKE | [AUTH] Recv:[IDi][CERTREQ][NOTIFY][CONF][SA][TSi][TSr] | 192.168.3.76:4500 | 192.168.3.37:4500 | IKE_LOG |
| 4 | 2025-02-06 10:17:41 | info | IKE | The cookie pair is : 0xc76cf737255e5995 / 0x4e1fb5f8d89dbd41 | 192.168.3.76:4500 | 192.168.3.37:4500 | IKE_LOG |
| 5 | 2025-02-06 10:17:40 | notice | Security Policy Control | priority:3, from WAN to ZyWALL, UDP, service NATT, ACCEPT | 192.168.3.76:4500 | 192.168.3.37:4500 | ACCESS FORWARD |
| 6 | 2025-02-06 10:17:40 | info | IKE | [INIT] Send:[SAr1][KE][NONCE][NOTIFY][NOTIFY][NOTIFY][CERTREQ][VID][VID][VID][VID][VID] | 192.168.3.37:500 | 192.168.3.76:500 | IKE_LOG |
| 7 | 2025-02-06 10:17:40 | info | IKE | The cookie pair is : 0x4e1fb5f8d89dbd41 / 0xc76cf737255e5995 | 192.168.3.37:500 | 192.168.3.76:500 | IKE_LOG |
| 8 | 2025-02-06 10:17:40 | info | IKE | Recv IKE sa: SA([0] protocol = IKE (1), AES CBC key len = 256, HMAC-SHA256-128, HMAC-SHA256 PRF, 2048 bit MODP; ). | 192.168.3.76:500 | 192.168.3.37:500 | IKE_LOG |
| 9 | 2025-02-06 10:17:40 | info | IKE | [INIT] Recv: [SA][KE][NONCE][NOTIFY][NOTIFY][NOTIFY][VID][VID][VID][VID] | 192.168.3.76:500 | 192.168.3.37:500 | IKE_LOG |
| 10 | 2025-02-06 10:17:40 | info | IKE | Receiving IKEv2 request | 192.168.3.76:500 | 192.168.3.37:500 | IKE_LOG |
| 11 | 2025-02-06 10:17:40 | info | IKE | The cookie pair is : 0xc76cf737255e5995 / 0x4e1fb5f8d89dbd41 [count=2] | 192.168.3.76:500 | 192.168.3.37:500 | IKE_LOG |
| 12 | 2025-02-06 10:17:40 | notice | Security Policy Control | priority:4, from WAN to ZyWALL, UDP, service IKE, ACCEPT | 192.168.3.76:500 | 192.168.3.37:500 | ACCESS FORWARD |

I need to have a certificate. I have been sitting with it for 2 days and have gone back and forth with all the settings. Thanks for all the info in advance.
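
An added example, not part of the original post: a short Python script that puts the IKE entries from the log above in time order and reports which exchange was received without a logged reply, which payloads that request carried, and how long the gateway waited before disconnecting. The `time|message|source|destination` layout and the function names are assumptions made for this example.

```python
import re
from datetime import datetime

# Entries copied from the log in the post, reduced to time|message|source|destination.
LOG = """\
2025-02-06 10:18:13|IKE SA [IKEv2_server] is disconnected|192.168.3.37:4500|192.168.3.76:4500
2025-02-06 10:17:41|[AUTH] Recv:[IDi][CERTREQ][NOTIFY][CONF][SA][TSi][TSr]|192.168.3.76:4500|192.168.3.37:4500
2025-02-06 10:17:40|[INIT] Send:[SAr1][KE][NONCE][NOTIFY][NOTIFY][NOTIFY][CERTREQ][VID][VID][VID][VID][VID]|192.168.3.37:500|192.168.3.76:500
2025-02-06 10:17:40|[INIT] Recv: [SA][KE][NONCE][NOTIFY][NOTIFY][NOTIFY][VID][VID][VID][VID]|192.168.3.76:500|192.168.3.37:500
"""

EXCHANGE = re.compile(r"^\[(INIT|AUTH)\]\s*(Send|Recv):\s*(.*)$")
PAYLOAD = re.compile(r"\[([^\]]+)\]")

def parse(text):
    """Return events oldest first as (time, kind, direction, payloads)."""
    events = []
    for line in text.strip().splitlines():
        ts, msg, _src, _dst = line.split("|")
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        m = EXCHANGE.match(msg)
        if m:
            events.append((when, m.group(1), m.group(2), PAYLOAD.findall(m.group(3))))
        elif "is disconnected" in msg:
            events.append((when, "DISCONNECT", None, []))
    # The device lists newest first; reversing before a stable sort keeps
    # entries that share a timestamp in the order they were logged.
    events.reverse()
    return sorted(events, key=lambda e: e[0])

def summarize(events):
    """Report requests with no logged reply and the wait before disconnect."""
    seen = {(k, d) for _, k, d, _ in events if d}
    last_recv = max((t for t, _, d, _ in events if d == "Recv"), default=None)
    drop = next((t for t, k, _, _ in events if k == "DISCONNECT"), None)
    wait = (drop - last_recv).total_seconds() if drop and last_recv else None
    return {
        "unanswered": sorted(k for k, d in seen
                             if d == "Recv" and (k, "Send") not in seen),
        "auth_request_payloads": next(
            (p for _, k, d, p in events if (k, d) == ("AUTH", "Recv")), []),
        "seconds_to_disconnect": wait,
    }

if __name__ == "__main__":
    print(summarize(parse(LOG)))
```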