This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to Site VPN with 2 ASG

Hi All

I am trying to setup a site to site ipsec with 2 ASG

ASG_1
=======
Version 8.201
external Ip is 87.xx.xx.xx (public)

ASG_2
=======
Version 8.103
external IP is 192.168.0.8 (as ISP router is Nat'ing)

Topology looks like

ASG_1(software appliance) ----modem ======ipsec======ISProuter-----ASG_2(virtual appliance) on a windows 2011 home server

I have attached the logs for both ASG. We both use RSA and VPN ID (hostname) so that we won't have the issue as described here

However, ASG_2 has an external Gateway set as 192.168.0.8 (because of the ISP router) and therefore we are unable to connect

Troubleshooting steps
################
1)We have forwarded ports from ISP router to ASG_2 (500 AND 4500)
2)Both ASG can ping each other

**pending logs from ASG_2

Thanks

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago

According to a post I found by Andreas Steffen (the developer of StrongSWAN, the underlying IPsec technology in Astaro) on the StrongSWAN site, "The IKEv1 pluto daemon is just not able to install multiple eroutes with the same rightsubnet" - in other words, you're trying to establish a second VPN with the same remote subnet.

Are you holding out on us? Something that you didn't want to share? [;)]

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago

According to a post I found by Andreas Steffen (the developer of StrongSWAN, the underlying IPsec technology in Astaro) on the StrongSWAN site, "The IKEv1 pluto daemon is just not able to install multiple eroutes with the same rightsubnet" - in other words, you're trying to establish a second VPN with the same remote subnet.

Are you holding out on us? Something that you didn't want to share? [;)]

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data