VPN Connectivity Check

kiattikornkiattikorn Member, SecuReporterBeta Posts: 11  Freshman Member

Dear Nebula Team,

We have designed VPN solution as following.

 

HQ > USG Series (VPN Server Role)

LAN IP: 192.168.1.1/24

 

BR1 > NSG100 (VPN Client Role)

LAN IP: 192.168.2.1/24

 

BR2 > NSG100 (VPN Client Role)

LAN IP: 192.168.3.1/24

 

After setup VPN and all site tunnel has already connected. But the tunnel uptime can be count to 180sec after that VPN tunnel will be disconnect and reconnect again.

I have to check configuration on NSG by CLI the connectivity IP is not correct.

“conn-check 192.168.1.0 method icmp period 60 timeout 10 fail-tolerance 3 action log”

We don’t have IP 192.168.0.0 in destination network and parameter of fail-tolerance set to 3 time that mean why NSG can reach tunnel uptime 180 secs (60 x3) then always start to reconnect.


The question is.

1.       How to solved this?

2.       Can you add connectivity feature setting on NCC?

Thank you.

 

Comments

Sign In to comment.