VPN2S Behind Cisco Router
Hi all,
Sorry if this question has already been asked but couldn't find an answer. I have a VPN2S sat behind a Cisco 887 that is handling the broadband configuration and management.
I have opened port 500 and 4500 UDP to the WAN port IP address on the VPN2S (192.168.1.65). I have then used the wizard to configure the VPN gateway (IPSEC VPN) as a Server role (I'm wanting my laptop and desktop at a co-working space to connect to that location my firewall is at and breakout to the internet from there)
I have then loaded the IPSec VPN client on to my laptop, configured it for Ikey1 but no matter what I do I cannot seem to get it to connect. I have tried connecting internally at the firewall locations, external at the co working space and on a 4G connection.
Error message I get is:
"VPN client gave up the connection. Retry to open the tunnel."
Not sure how to overcome this? Any help with configuration would be much appreciated.
Thanks
David
All Replies
-
Hi @DavidDWM ,
Welcome to Zyxel community
Please refer to the topology and related settings below:
(10.10.10.2)PC A==== VPN2S ===== USG60 (router)==== Internet========USG210 =====PC B(192.168.10.33)
Setup settings on USG210
WAN : 10.214.48.29
LAN 192.168.10.1
IPSec VPN settings
After setup VPN wizard on USG210, please check the CONFIGURATION > VPN > IPSec VPN > VPN Gateway > Show Advanced Settings > Authentication > Peer ID Type
Setup VPN2S settings
WAN :192.168.50.33
LAN : 10.10.10.1
IPsec VPN settings
After setup VPN wizard on VPN2S, please check the CONFIGURATION Site Map> VPN > IPSec VPN > Gateway Configuration > Edit the Gateway Configuration > Authentication > Advanced > Peer ID Type
In your scenario, VPN2S is behind NAT and the NAT router is Cisco 887,
After setup VPN wizard on both site, it have to do NAT settings on Cisco router.
Here is the example of how to setup NAT on the router.
Setup NAT Router
USG60 settings (router)
WAN :10.214.48.30
LAN : 192.168.50.1
NAT settings
Test Result
PC A ping PC B
PC B ping PC A
0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 114 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 65 Switch Ideas
- 901 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 831 Nebula FAQ
- 401 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight