IPsec VPN works only one way

English Forums > Virtual private networks

IPsec VPN works only one way - GCP

<< < (2/6) > >>

mimugmail:
Yep .. most important is "Install Policy" checkbox.
Dont have it ticked while changing P2 to route-based .. it will kick you out when you access it remote

rbed:
Sadly, the guide has

--- Quote ---Step 3 - Set MSS Clamping

(Under Interfaces ‣ IPsec Azure) We will use the following settings:
--- End quote ---

But there is no such (equivalent) iface - where should it come from? I only have LAN and OPT1 (whatever that is). :/

Plus, there's also an iface "IPSEC1000" in this guide and I have no idea where it comes from.

rbed:
Additional bit of information: In my actual gateway/FW I see block events for 10.255.255.250 -> x.x.x.111 but not vice versa. Why is that?

If the traffic goes through the tunnel I shouldn't see it here. If it does not, I should not see any. It looks like the request DC -> GCP goes past the firewall but the response does not ...

My default DC gateway/FW is x.x.x.65. The tunnel runs on x.x.x.99

mimugmail:
The description of your vpn will be name of the ipsec interface. If it's empty you'll have ipsec1000. Just look for the description. If there is no interface you config is not correct.

rbed:

--- Quote from: mimugmail on September 13, 2021, 01:52:16 pm ---The description of your vpn will be name of the ipsec interface. If it's empty you'll have ipsec1000. Just look for the description. If there is no interface you config is not correct.

--- End quote ---

Thanks for the quick reply! Any idea what might not be "correct"?
And what's the deal with 10.111.1.1 / 10.111.1.2 in the Azure guide? What's their purpose? I'm not quite sure where to put the one on the GCP end.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version