Problem and solution when an IPSec tunnel can be successfully established whereas service access fails

16

The NAT service is configured on the interface where the IPSec tunnel is established. As a result, the traffic is abnormal. For details about how to solve the problem, see :IPSec session have been established but service is abnormal

Other related questions:
Problem and solution when the IPSec tunnel cannot be established between the USG6300 and Windows 8 system
The IPSec tunnel established using the Windows 8 dial-up software on the USG6000 is interrupted at a certain interval. You can use other VPN tunnels, such as L2TP.

An IPSec tunnel fails to be set up for a long time, and then can be established after the IPSec tunnel is reset
The same traffic of the branch is transmitted to the headquarters. The headquarters has an IPSec tunnel to protect traffic between the headquarters and branch. Because the same data flow is protected, the headquarters and branch cannot establish a new IPSec tunnel. After the IPSec tunnel of the headquarters is reset, the old IPSec tunnel is deleted and the new IPSec tunnel can be established.

In this case, you can run the ipsec remote traffic-identical accept command to allow users with the same traffic rule as online users to access the IPSec tunnel. The established IPSec SAs are aged rapidly and an IPSec tunnel is reestablished.


If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top