szn  Freshman Member

Thx, this explains the behavior.

from zyxel1 cmd ping 192.168.64.1 source 192.168.2.1 is successful. I have also did packet trace for: cmd ping 192.168.64.1 in this case src is IP address of WAN interface. How to configure security policy that also this packet will go into ipsec vpn?

Hi, will try to describe the issue better: configuration (IPsec VPN created using wizzard) What is working, where is issue: a) from Server1: ping Server2 OK (over IPsec) b) from Server1: ping Zyxel2 (LANport 192.168.64.1) OK (over IPsec) c) from Zyxel1: ping Server1 OK (local LAN) d) from Zycel1: ping Server 2 NOT-OK (from…

Peter thank you.

Site1: 192.168.2.0 Site2:192.168.64.0 Sorry the screnshot few post above was from Site2.

Hi Peter, not sure which routing rules? I do not have any rules under Routing| Policy Route:

Add on both sites: no success. On Site1 this rulle then pick trafic instead of LAN_outgoing (LAN to any (exclude Sywall). However traffic from Zywall stil not flow. Note, that nothing could be found in Events/Log related to cmd ping from Zyxel.

Site 1: Site2: VPN status

Hi, servers are on separate subnets: S1 on 192.168.2.0/24, S2 on 192.168.64.0/24 Remote an local polica are as follows:

Hi, it is working. it looks like syslog server was the issue. Thx

Configured to Normal for all sections on LAN network yes, other sources in LAN are working No.

Hi, I've checked show diagnostics cpu all and 40% utilisation on each core seems not to be normal. I've never seen this on any idle device. Is there something more to be checked?