Site to Site VPN on a Zywall 110 behind another Zywall 110 (Multiple public IP addresses)

Hi all,

Have an issue to build a Site to Site VPN to a Zywall 110 behind another Zywall 110.

ISP Router -> Zywall 110 (Core, 5 Public IP's, e.g. I use -> Zywall 110 (Internal, WAN IP

- NAT on Core Firewall -> 1:1 NAT, ->
- Site to Site VPN with IKEv1 is built on Internal Firewall

Additional information
Internal Firewall was connected directly to the ISP router before and VPN was working properly.

Now I had to install a 2nd Firewall in front of the Internal Firewall. Since then the VPN isn't working. Get still erro "No Proposal Chosen". Tried to set "NAT Traversal" flag but it's the same.

How can I configure the VPN to get a connection? I assume I need to send the answer to the peer with my external IP but I don't need how to configure properly.


Accepted Solution

  • FaePoFaePo Member Posts: 2
    Accepted Answer
    Finally I found a solution. In fact it was pretty easy but sometimes you can search for ages and at the end it's just one field you need to change. ;-)

    In phase 1 settings of the VPN I had to choose Local ID type "IPv4" under "Advance" and enter the public IP address.
Sign In to comment.