DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2830n IPSec VPN conencted but no traffic getting through

  • matbeard
  • Topic Author
  • Offline
  • New Member
  • New Member
More
05 Dec 2011 12:53 #70340 by matbeard
2830n IPSec VPN conencted but no traffic getting through was created by matbeard
We've just replaced a Vigor 2600 with a Vigor 2830n because we've switched to an ADSL2+ line.

The 2600 had LAN-to-LAN VPNs to a Sonicwall TZ 170 and a Cisco ASA 5510 which both worked perfectly well.

We've applied the same VPN settings to the 2830 and although the connections are established (so the pre-shared key and negotiation all works) I can't get traffic through.

Well, having said that, I can reach the Web UI of the 2830 from the remote sites using its internal address (192.168.5.1), but I can't ping any of the other remote devices.

There are similar strange syslog entries on both the Sonicwall and Cisco, which suggests the 2830 is not behaving properly:
On the Sonicwall:
IPSec packet from or to an illegal host. Source: 192.168.5.12 Destination: 255.255.255.255
On the Cisco:
The decapsulated inner packet doesn't match the negotiated policy in the SA.
The packet specifies its destination as 255.255.255.255, its source as 192.168.5.15, and its protocol as 17.

Why would the packet state 255.255.255.255 as its destination?

2830 is using firmware version 3.3.6.1_232201

Any help is greatly appreciated.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami