Louis, We have a variety of ZyXEL USG devices, from the 20W up to the 300, running client and site-to-site VPNs. The firmware is basically the same, and there are no differences in VPN capabilities. Could you post or send the most relevant portions of your USG configuration, obscuring the private details? For example, the following is one of our working configurations on a 20W:
isakmp policy VPN_Client_Gateway activate local-ip interface wan1 peer-ip 0.0.0.0 0.0.0.0 authentication pre-share encrypted-keystring ********************* local-id type ip ***.***.***.*** peer-id type any fall-back-check-interval 300 lifetime 86400 mode main group2 transform-set aes128-sha xauth type server default ! crypto map VPN_Client_Connection adjust-mss auto activate netbios-broadcast ipsec-isakmp VPN_Client_Gateway scenario remote-access-server encapsulation tunnel transform-set esp-aes128-sha set security-association lifetime seconds 28800 set pfs group2 local-policy BRIDGE_BR1 remote-policy any no conn-check activate The settings for the Shrew client are easy to match, so I won't copy those for the time being. Please start by comparing what you have to these working settings. ------------------------------ *David Liddle* *IT Support Specialist* Wycliffe Global Alliance - Europe Area [email protected] On Thu, May 29, 2014 at 8:17 AM, <[email protected]> wrote: > Send vpn-help mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.shrew.net/mailman/listinfo/vpn-help > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of vpn-help digest..." > > Today's Topics: > > 1. VPN help with ZyXel USG20W (Louis Au) > > > ---------- Forwarded message ---------- > From: Louis Au <[email protected]> > To: "[email protected]" <[email protected]> > Cc: > Date: Wed, 14 May 2014 16:14:10 -0700 (PDT) > Subject: [vpn-help] VPN help with ZyXel USG20W > Hi, > > I just wondering if anyone has any experience to get Shrew VPN client > working with ZyXel USG20W. I notice that there is another post for ZyXel > USG already. I had followed the instructions step-by-step very carefully, > however I get an error that said "Invalid message from gateway". The only > different I can tell is that my ZyXel is model USG20W, but the one posted > is USG300. The screen look identical. So, it must be something specific > about this USG20W. I tried to use other VPN client too, and I got the same > error, it seems like ZyXel send back some invalid command back during the > phase 2 authication process. > > I have attached the screenshoot from the ZyXel log file and the Shrew VPN > client screen. Any help is appreicated. > > Thanks, > Louis > > [email protected] > > > _______________________________________________ > vpn-help mailing list > [email protected] > https://lists.shrew.net/mailman/listinfo/vpn-help > >
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
