[NEBULA] NSG Site-to-Site VPN behind NAT not working
We followed the way described in https://businessforum.zyxel.com/discussion/1595/nsg-site-to-site-vpn-port-forwarding and https://businessforum.zyxel.com/discussion/194/nsg-vpn-support-behind-nat to set up a Site-to-Site VPN between the two LAN1 subnets (192.168.8.0/24 and 192.168.10.0/24) of two NSG100. As the NSGs are behind external routers, we also set up the NSG as exposed host in the external routers and the static routes to the NSG's subnets in the external router. VPN topology is set to Site-to-Site with NAT traversal set to the site's public IP (of the external router). Unfortunately the tunnel never comes up. All we can find in the event log on both sites is "Peer not reachable" after a few other VPN-specific logs. We tried both the FQDN and the public IP as NAT traversal, but it doesn't make any difference. Under Gateway > Monitor > VPN connection each site only shows its local subnet with status "disconnected". The remote subnet and status are only shown as "-". What are we missing / doing wrong?