Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Possible bug: Issue in site to site VPN ipsec changing WAN interface

Hello,

I have an issue with site to site vpn IPSec. I suppose it is a bug.

Scenario:

You have 1 WAN port (port 2)

You have some created site to site VPN IPSEC (initiate the connection type)

Follow these steps to reproduce the issue:

- Configure a new WAN interface (in my case port 10)

- Disable previous WAN port (port 2)

- Change the VPN settings (listening interface to port 10 and local id, with new ip address)

- Save

You will not able to start the connection, an error will appear: "The connection's local interface is turned off. You can't activate or establish this connection.". So, the firewall continues to use port 2 instead of port 10.

To fix the issue, I simply needed to recreate the VPN profiles using the same settings of non-working profiles. This issue happened for my 2 VPN. So,  you cannot change the wan port used, after the creation of VPN profile.

F.



This thread was automatically locked due to age.