VPN Connection failing when using PPPoE, but direct connection is working

darksparks
darksparks Posts: 1
edited April 2021 in Security
We're using a USG 20 connected to an Actiontec 1000 which is running in transparent bridge mode, using PPPoE.  As a regular firewall it's been working perfectly, but now we're trying to setup VPN connectivity.  When I connect a VPN client (computer) through a switch and into the USG20, the VPN connection is established and works perfectly.  However, when the VPN connection comes in through the Actiontec via PPPoE, it fails on the first ISAKMP packet with an ICMP "destination unreachable (port unreachable)" error.

Tried turning off the firewall portion, but still no connection.  I believe I have all the appropriate ports and protocols opened (proto 50, ports 500, 1701, 1723, 4500).

Any thoughts or suggestions would be appreciated!

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,361  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited September 2018

    Hi @darksparks

    I’d like to double check if this is your scenario and purpose:

    The VPN client needs to establish L2TP tunnel with USG which behind Actiontec 1000.

    USG20----------Actiontec 1000(PPPoE)----------Internet------Client

     

    If this is your scenario, you can reference to FAQ.

    Note: You have to setup the port forwarding on Actiontec 1000. (Forward 4500, 500 and 1701 to USG WAN address)

     

    By the way, what kind of USG20 you’re currently using? USG20 or USG20-VPN? Please note that the solution I mentioned above is working on the USG20-VPN


Security Highlight