We also have two sites connected via IPSec. I performed the firmware update beforehand. I’m experiencing the same problem as the poster above me. I have already tried recreating the IPSec connection with various configurations.

Please help. Thank you!

  @jonmaxey 

I have ER8411 with VPN to two ER707-M2 and various other routers all with the new firmware, working without problems with both IPsec site to site and SD-WAN
My IPsec settings look like this

  @MR.S Thanks for your screenshots. Here’s how my configuration looks:

HQ:



Branch:



Any other Ideas?

  @Danielteuschl 

exactly the same :-) except that I use both routers as initiator unless there is a good reason to have it as responder. It seems very strange, I have not had any problems with VPN, I have VPN for both Cisco and Unifi and several types of Omada routers.

  @Danielteuschl 

but you can test if you have the same problem with SD-WAN then, it's a 120sec job to set up, disable the existing vpn tunnels on all sites. before configuring SD-WAN you don't need to delete. I only use SD-WAN now and it works very well.

The prerequisite is that all routers are configured on the same controller.

  @MR.S How i can configure this for testing?

  @Danielteuschl 

it's pretty simple, go to global view, go to SD-WAN press add, enter an SD-WAN IP range. there I have used 172.31.254.1-172.31.254.254 follow the wizard. I did a test now set up a full mesh SD-WAN with 6 routers in 49 seconds. you will probably take a little longer since it's your first time doing it.

I use ER8411 as HUB, and all the other routers are spokes. HUB must have public ip. The others can be behind a NAT.

If you want full mesh, click here and select all routers. You cannot have mesh between two routers with private IP, but you will see that when you configure.

  @Danielteuschl 

But remember, disable IPsec VPN befor you configure SD.WAN

  @MR.S Thank you very much, and it really works better. Thanks again for your help.