[AusNOG] IPsec issues over Telstra
abeeson at csu.edu.au
Fri Aug 7 15:38:41 EST 2020
We've done it a bit (and are currently running some) on Telstra.internet (if I recall correctly) using DMVPN with Cisco gear to do it, so its not an exact match to your situation.
Never noticed any specific IKEv2 issues though.
From: AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of James Andrewartha <trs80 at ucc.gu.uwa.edu.au>
Sent: Friday, 7 August 2020 1:57:44 AM
To: Daniel Carpenter
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] IPsec issues over Telstra
On Thu, 6 Aug 2020, Daniel Carpenter wrote:
> Anyone seeing any new issues forming IPsec IKEv2 tunnels over both Telstra.internet and Telstra.extranet lately? I’ve been
> trying to implement a new hub and spoke for a new environment using a HA pair of FortiGate 300e as the hub and Teltonika RUTX11
> as the end devices. My P1 and P2 come up fine but have little luck sending any traffic. Static routes created with the tunnels
> on both ends appear fine. I’ve tested the RUTX11 on our external wan with a public IP out of our APNIC provided subnet and it
> works flawlessly. Not operational yet luckily but if I cant figure it out in a week or two ill be forced to do it with OpenVPN.
> Or configure it with IPv6.
I can do it (IKEv1 though) with the embedded LTE modem in a FGT
30E-3G4G-GBL, but if I use a Netgear LB2120 connected to the FGT, the VPN
doesn't come up (I haven't investigated further yet due to lack of time).
# TRS-80 trs80(a)ucc.gu.uwa.edu.au #/ "Otherwise Bub here will do \
# UCC Wheel Member http://trs80.ucc.asn.au/ #| what squirrels do best |
[ "There's nobody getting rich writing ]| -- Collect and hide your |
[ software that I know of" -- Bill Gates, 1980 ]\ nuts." -- Acid Reflux #231 /
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AusNOG