limmontreefree🇪🇸

How to configure a VPN with zyxel ipsec client and zywall 20 USG?
Hello, I have a zywall 20 USG and an XP with IPsec VPN client.

Does somebody know if it is possible to do it?

I don't have a fixed IP (actually I use a dyndns name) and the zywall is behind an ADSL NAT router.

Thanks

Kerem ERSOY

Hi,

You need to configure 3 things:
- Your ADSL Router.
- zywall 20 USG
- XP

ADSL Router:
- Make sure that you enable IPSec Passthrough and set up your ADSL router so that it passes the IPSec info directly to your zywall.

- zywall: configure it according to the document here: zywall VPN Config

- XP: configure IPSec here: XP IPSec setup

I think the dynamic DNS issue must not be a problem provided:
- zywall has a dyndns entry.
- XP has a dyndns entry.
- Both entries are up-to-date using dyndns setup on zywall and dyndns applet in XP.
- zywall authentication type is set as DNS and the field must include the dyndns entry of the client.

Cheers,
K.

limmontreefree🇪🇸

ASKER

Thanks Kerem,

You are right, but the links are very old and general; the USG family has a very different design and we are using the Zyxel IPsec VPN client, which is a proprietary VPN client.

Maybe we need a skilled Zyxel expert.

Thank you very much

We actually get the VPN up, but within some seconds it goes down.

This is the log in the VPN client:
20140327 08:54:37:531 Default (SA VPNgateway-P1) SEND phase 1 Main Mode  [SA] [VID] [VID] [VID] [VID] [VID]
20140327 08:54:37:625 Default (SA VPNgateway-P1) RECV phase 1 Main Mode  [SA] [VID] [VID] [VID] [VID]
20140327 08:54:37:625 Default (SA VPNgateway-P1) SEND phase 1 Main Mode  [KEY_EXCH] [NONCE]
20140327 08:54:37:890 Default (SA VPNgateway-P1) RECV phase 1 Main Mode  [KEY_EXCH] [NONCE]
20140327 08:54:37:890 Default (SA VPNgateway-P1) SEND phase 1 Main Mode  [HASH] [ID] [NOTIFY]
20140327 08:54:38:046 Default (SA VPNgateway-P1) RECV phase 1 Main Mode  [HASH] [ID]
20140327 08:54:38:046 Default phase 1 done: initiator id 4.2.2.2, responder id 4.2.2.2
20140327 08:54:38:046 Default (SA VPNgateway-VPNtunel-P2) SEND phase 2 Quick Mode  [HASH] [SA] [NONCE] [ID] [ID]
20140327 08:54:38:140 Default (SA VPNgateway-VPNtunel-P2) RECV phase 2 Quick Mode  [HASH] [SA] [NONCE] [ID] [ID]
20140327 08:54:38:140 Default (SA VPNgateway-VPNtunel-P2) SEND phase 2 Quick Mode  [HASH]
20140327 08:55:07:140 Default (SA VPNgateway-P1) SEND Informational  [HASH] [NOTIFY] type DPD_R_U_THERE
20140327 08:55:07:218 Default (SA VPNgateway-P1) RECV Informational  [HASH] [NOTIFY] type DPD_R_U_THERE_ACK
20140327 08:55:24:328 Default (SA VPNgateway-P1) RECV Informational  [HASH] [DELETE]
20140327 08:55:24:328 Default <VPNgateway-VPNtunel-P2> deleted
20140327 08:55:24:343 Default (SA VPNgateway-P1) RECV Informational  [HASH] [DELETE]
20140327 08:55:24:343 Default (SA VPNgateway-P1) RECV Informational  [HASH] [DELETE]
20140327 08:55:26:515 Default (SA VPNgateway-P1) RECV Informational  [HASH] [DELETE]
20140327 08:55:26:515 Default <VPNgateway-P1> deleted
20140327 08:55:26:515 Default message_recv: invalid cookie(s) 822741f6d4712b57 57a88423020671d9
20140327 08:55:26:515 Default dropped message from 193.153.188.195 due to notification type INVALID_COOKIE
20140327 08:55:26:515 Default (SA <unknown>) SEND Informational  [NOTIFY] with INVALID_COOKIE error
20140327 08:55:26:515 Default message_recv: invalid cookie(s) 822741f6d4712b57 57a88423020671d9
20140327 08:55:26:515 Default dropped message from 193.153.188.195 due to notification type INVALID_COOKIE
20140327 08:55:26:515 Default (SA <unknown>) SEND Informational  [NOTIFY] with INVALID_COOKIE error

It seems that you cannot receive data after initial contact. It looks like NAT Traversal is failing. Are you sure you have enabled VPN pass-through over your ADSL router?

If there's not a setting over your router for IPSec VPN pass-through, try setting up your VPN server as DMZ server so that it receives each packet directly.

K.
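
A small triage script for the client log posted above, as an added example that is not part of the original thread: it reports whether the peer sent the first DELETE, how long the tunnel lived, and whether NAT-D payloads (RFC 3947 places them next to the key exchange in Main Mode) were logged. The sample lines are copied from the posted log; that this client would print such payloads as `[NAT_D]` is an assumption.

```python
import re
from datetime import datetime

# Constructed sample: a subset of the client log lines quoted in the thread.
SAMPLE = """\
20140327 08:54:37:625 Default (SA VPNgateway-P1) SEND phase 1 Main Mode  [KEY_EXCH] [NONCE]
20140327 08:54:37:890 Default (SA VPNgateway-P1) RECV phase 1 Main Mode  [KEY_EXCH] [NONCE]
20140327 08:54:38:046 Default phase 1 done: initiator id 4.2.2.2, responder id 4.2.2.2
20140327 08:54:38:140 Default (SA VPNgateway-VPNtunel-P2) SEND phase 2 Quick Mode  [HASH]
20140327 08:55:24:328 Default (SA VPNgateway-P1) RECV Informational  [HASH] [DELETE]
20140327 08:55:24:328 Default <VPNgateway-VPNtunel-P2> deleted
20140327 08:55:26:515 Default message_recv: invalid cookie(s) 822741f6d4712b57 57a88423020671d9
"""

LINE = re.compile(r"^(\d{8} \d\d:\d\d:\d\d):(\d{3}) Default (.*)$")
MSG = re.compile(r"\(SA (\S+)\) (SEND|RECV) (phase 1 Main Mode|phase 2 Quick Mode|Informational)\s+(.*)")

def parse(text):
    """Yield (timestamp, direction, exchange, payloads, raw_body) per log line."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y%m%d %H:%M:%S").replace(microsecond=int(m.group(2)) * 1000)
        body = m.group(3)
        mm = MSG.match(body)
        if mm:
            yield ts, mm.group(2), mm.group(3), re.findall(r"\[(\w+)\]", mm.group(4)), body
        else:
            yield ts, None, None, [], body

def diagnose(text):
    """Summarise the tunnel's life cycle from the client's point of view."""
    events = list(parse(text))
    ke = [e for e in events if e[2] == "phase 1 Main Mode" and "KEY_EXCH" in e[3]]
    p2_up = next((e[0] for e in events if e[2] == "phase 2 Quick Mode" and e[1] == "SEND" and e[3] == ["HASH"]), None)
    first_del = next((e for e in events if "DELETE" in e[3]), None)
    return {
        "phase1_done": any(e[4].startswith("phase 1 done") for e in events),
        # The [NAT_D] label is assumed; the position beside KE/NONCE is from RFC 3947.
        "nat_d_seen": bool(ke) and all("NAT_D" in e[3] for e in ke),
        "delete_from_peer": bool(first_del) and first_del[1] == "RECV",
        "tunnel_lifetime_s": round((first_del[0] - p2_up).total_seconds(), 3) if first_del and p2_up else None,
        "invalid_cookie_after_delete": bool(first_del) and any(
            "invalid cookie" in e[4] and e[0] >= first_del[0] for e in events),
    }

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

On the posted log this shows both phases completing, the gateway tearing the tunnel down about 46 seconds later, and no NAT-D payloads beside the key exchange, which fits the NAT traversal diagnosis given in the reply.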

limmontreefree🇪🇸

ASKER

Hello Kerem,

I have mapped all the ports in the router to the Zywall. I don't know what NAT traversal is.

Do you have some documentation?

Thanks.

ASKER CERTIFIED SOLUTION
Kerem ERSOY


limmontreefree🇪🇸

ASKER

Thanks, now I understand, and now it is working.

Very helpful.