Table of Contents
Advertisement
www.zyxel.com
If you see that Phase 1 IKE SA process done but still get [info] log message as
below, please check ZyWALL/USG and SonicWALL Phase 2 Settings. All
ZyWALL/USG units must use the same Protocol, Encapsulation, Encryption,
Authentication method and PFS to establish the IKE SA.
Make sure the all ZyWALL/USG units' security policies allow IPSec VPN traffic. IKE
uses UDP port 500, AH uses IP protocol 51, and ESP uses IP protocol 50.
By default, NAT traversal is enabled on ZyWALL/USG, so please make sure the
remote IPSec device also has NAT traversal enabled.
123/810
Advertisement
Table of Contents
