Comments
-
why don't you coupler port 1 cable to port 2 cable
-
its a transparent bridge so unless your ISP is doing NAT connecting a PC to it you get the WAN IP everything is forwarded.
-
The problem might be that you set your Ingress which I think deals with packet dropping differently then Egress
-
Yes it might be the last firmware for VPN models being EOL but the problem should happen in current models
-
So every time the router does DHCP you go to the DHCP server of your ISP and loopback to your routers LAN DHCP server. So yes VLANs will solve that
-
I have had it where NAT rules don't apply until a reboot but then all rules should work after a reboot. are the random rule that stops working at the bottom of the list? Also do any of the rules use address type interface IP?
-
So your phone is by 4G/5G to your USG60? keep trying till you see Phase 1 done
-
try a simple Pre-shared key on phone is IPsec identifier 0.0.0.0
-
Windows default phase 2 is encryption AES256 authentication SH1 PFS none also L2TP over IPSec IKEv1 encapsulation is Transport
-
set local policy to 0.0.0.0 Phase 2 PFS to DH2 Phase 1 key group may need to be higher Encryption to AES128 check logs if Phase 1 show done
-
Have no problem here with Android 12 and IKEv2 post your settings
-
try here https://support.zyxel.eu/hc/en-us/articles/8805317185298-IKEv2-VPN-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP
-
Another problem is User custom DDNS only auto works and not Public IP but Public IP will work on a select DDNS like no ip or DynDNS
-
Two WAN IP's that are different and are fully routable you likely have a DNS name to one WAN IP for the port forwarded because your still going to the same WAN IP that is down you will never use the other WAN IP so you need to have your DNS point to your other WAN IP.
-
you say its 10.9.230.144/29 255.255.255.248 so if you make a LAN subnet your side with that 10.9.230.145/29 and a PC on 10.9.230.146 you don't need SNAT in the tunnel and it should work