can not establish IPsec - VPN between MR600 and zwall usg100
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
I'm trying to set up an ipsec vpn between a zywall usg100 and an tplink MR600.
it just does not want to work. ☹
IPSec Connection Name: Test_vpn
Remote IPSec Gateway (URL): test1.dyndns.org
Tunnel access from local IP addresses: Subnet Address
IP Address for VPN: 192.168.2.0
Subnet Mask: 255.255.255.0
Tunnel access from remote IP addresses: Subnet Address
IP Address for VPN: 192.168.20.0
Subnet Mask: 255.255.255.0
Key Exchange Method: Auto (IKE)
Authentication Method: Pre-Shared Key
Pre-Shared Key: xxxxxxxxxxx
Perfect Forward Secrecy: Enable
== Phase 1==
Mode : Main
Encryption Algorithm : AES-256
Integrity Algorithm : MD5
Diffie-hellman Group for Key exchange 1024bit
Key Life Time(Seconds) : 86400
== Phase 2==
Encryption Algorithm : AES-256
Integrity Algorithm : SHA1
Diffie-hellman Group for Key exchange 1024bit
Key Life Time(Seconds) : 86400
Setting on the zywall USG 100
VPN – Gateway :
General Settings
Enable
VPN Gateway Name: Test_VPN
Gateway Settings
Domain Name / IP test1.dyndns.org
Peer Gateway Address
Static Address
Primary test2.dyndns.org
Authentication
Pre-Shared Key xxxxxxxxxxx
Phase 1 Settings
SA Life Time: 86400
Negotiation Mode: Main
Encryption AES256
Authentication MD5
Key group DH2
Dead Peer Detection (DPD)
VPN-Connection :
General Settings
Enable
Connection Name: VPN_Test1_Test2
VPN Gateway
Application Scenario
Site-to-site
VPN Gateway: Test_VPN
Policy
Local policy: test1.dyndns.org SUBNET, 192.168.20.0/24
Remote policy: test2.dyndns.org SUBNET, 192.168.2.0/24
Phase 2 Setting
SA Life Time: 86400
Active Protocol: ESP
Encapsulation: Tunnel
Encryption AES256
Authentication SHA1
Perfect Forward Secrecy (PFS): DH2
Related Settings
Zone: IPSec_VPN
what am i doing wrong?
