Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN between XG 85 to Zyxel Zywall, does it work?

We are setting a VPN IPSec Site to Site from XG 85 to Zyxel Zywall, but the connection isn't established.

Is this connection possible?

Please, could you help us?



This thread was automatically locked due to age.
Parents
  • Hi Elena,

    Greetings.

    What does the Logs reflect, when you try to establish a Tunnel with Zyxel ? You can monitor the logs by navigating through 

    If the log file reflects, "no proposal chosen" , then there will be a policy mismatch between the two devices for IPSec connection.

    Hope that helps!

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • Hi Elena,

    Greetings.

    What does the Logs reflect, when you try to establish a Tunnel with Zyxel ? You can monitor the logs by navigating through 

    If the log file reflects, "no proposal chosen" , then there will be a policy mismatch between the two devices for IPSec connection.

    Hope that helps!

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children
  • Thank you very much for your help.

    Here you are the logs:

    2016-04-01 13:27:10

    IPsec

    COMPLETADO CORRECTAMENTE

    -

    "COnexionDONOSTI-1" SA-MGT: Initiating rekeying of connection's main mode SA 26

    17884

    2016-04-01 13:27:10

    IPsec

    ERROR

    -

    COnexionDONOSTI-1 EST-P1: Max number of retransmission 2 reached. No response to first IKE message

    17856

    2016-04-01 13:26:00

    IPsec

    COMPLETADO CORRECTAMENTE

    -

    "COnexionDONOSTI-1" EST-P1-MM: Connection being initiated on request.

    17846

    2016-04-01 13:25:55

    IPsec

    COMPLETADO CORRECTAMENTE

    -

    "COnexionDONOSTI-1" activation: Activated Successfully

    17839

    Could you help me?

  • Elena,

    your Phase 1 does not occur. Can you share your IPSec on your XG and your Zyxel?

    Thanks.