USG 310/IPSec Error Packet(UDP) cannot be sent. reason: Network congestion

WiSyWiSy Member Posts: 5
edited April 10, 2020 12:47PM in Troubleshooting

Hello,

due to the current Homeoffice situation my company is running a lot more VPN Connections then usual.

Usually we are running about 6 or 7 IPSec IKE/IKev2 Site2Site Connections and about 5-10 IKEv2 Client2Site.

Now we have round about 20 additional Client2Site Connections and everything was running fine for 2 weeks until yesterday.

Suddenly some VPNs (S2S and C2S) disconnected and were unable to reconnect until we rebooted the firewall.

I noticed these Error in the Logs:

Any Ideas/suggestions?

Accepted Solution

All Replies

  • WiSyWiSy Member Posts: 5

    Hi @Zyxel_Jerry

    I disabled BWM but issue still persists.

    All IKE Site2Site get randomly dropped at the same time an are unable to reconnect until I reboot the Device.

    IKEv2 Connections still working.

    I noticed this entry in the log


    Tunnel [IKE_NRW_Gateway:WISY-NRW:0x2c0aee2a] built successfully

    41  2020-04-08 11:06:27 x.x.49.237:4500    x.x.184.39:4500


    x.x.49.237 is the wrong IP for that Gateway, something is getting mixed up there.

  • Zyxel_JerryZyxel_Jerry Zyxel Official Agent Posts: 273  mod

    Hi @WiSy

    Can you collect diagnose info and IKE log when the log displayed “network congestion and send it to us via private message?

    Here is the step to collect diagnose info.

    Go to Maintainance > Diagnostics > Diagnostics > Collect > Click Collect now

    After 5~10 minutes 

    Go to > Maintenance Diagnostics > Diagnostics > Files > Select the diaginfo > Click Download

    Here is the step to collect IKE log

    Go to Monitor > Log > View Log > select IKE category

    Can you also provide remote access to the device via private message?

Sign In to comment.