Archive > 16.7 Legacy Series
Upgrading to 16.7, known issues and workarounds
Yordan Yordanov:
After upgrading to 16.7 all the site-to-site VPNs from the router stopped working. The status does indicate that the tunnel is connected, however no traffic gets through. I had to replace the device with a backup device with 16.1.20. Is it possible to revert 16.7 to 16.1.20 and how? Or if you have any idea how to fix them on the 16.7 I would be grateful. I have Multi-WAN if it matters.
franco:
Hi Yordan,
Yes it matters. VPN does not skip your Multi-WAN policies anymore. You need to add them manually or exclude VPN traffic. From the notes:
"The Disable Negate rule on policy routing rules option is no longer available as automatic VPN skip rules for policy-based routing have been removed. If you want to skip your VPN, please add an explicit rule."
I think your IPSec traffic is redirected here when it shouldn't.
Cheers,
Franco
Yordan Yordanov:
Thanks Franco. Can you tell me in which section I should create the rule and how it looks like? Do I need one for each IPsec tunnel?
franco:
Hi Yordan,
What this old stuff did was for each Mutli-WAN rule there was a "pass" exception generated for the VPN destinations so those won't be policy-routed.
I didn't work on this so I cannot say for sure, but I'd start with adding a pass rule for the desired IPSec networks (one rule per IPSec it seems or use an alias for all...) before each policy routing rule in the interface firewall rule tabs.
Cheers,
Franco
hoseinTB:
hi
i installed 16.7.1
and IDS theme is not loading ...
please put your commnet
tnx
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version