Reply
New Member
Posts: 3
Registered: ‎09-25-2018
Accepted Solution

ER3L and ERX IPSEC site to site not working with default firewall using Gui

[ Edited ]

Hi all,

 

I have this scenario in a test setup both having firmware 1.10.7:

 

ER3L

Wan1:
PPPOE0 111.111.111.111
Lan1
192.168.10.1/24

 

ERX

Wan2:
PPPOE0 222.222.222.222
Lan2
192.168.20.1/24

 

I use the Basic Setup Wizard to configure them with a basic default firewall.

When i then try to connect them with the GUI, they won't connect to eachother.

 

However when i leave the default Firewall disabled, everything seems to work...

 

 

Looks like i'm missing default firewall rules for IPSEC site to site.

 

Can some1 provide me the correct GUI / CLI firewall rules for my situation? Or am i missing something?

 

 

 


Accepted Solutions
Veteran Member
Posts: 7,032
Registered: ‎03-24-2016
Kudos: 1821
Solutions: 802

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui


All Replies
SuperUser
Posts: 7,371
Registered: ‎01-05-2012
Kudos: 1939
Solutions: 962

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui

Under VPN, the auto-frewall-nat-exclude is enabled ?

Cheers,

jonatha

New Member
Posts: 3
Registered: ‎09-25-2018

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui

Hey jonatha,

 

I have this option enabled, it only seems like it's not working at my test site.

 

 

 

 

 

MacProThuis 2018-10-15 om 10.31.22.png
MacProThuis 2018-10-15 om 10.32.15.png
Veteran Member
Posts: 7,032
Registered: ‎03-24-2016
Kudos: 1821
Solutions: 802

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui

New Member
Posts: 3
Registered: ‎09-25-2018

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui

Found an issue at my site, the ERX went rogue somehow in the configuration.

After reset, i did a manual reconfiguration.

With the info of 16Again i got it up and running again.

 

Seems to be working now, thanks!

SuperUser
Posts: 7,371
Registered: ‎01-05-2012
Kudos: 1939
Solutions: 962

Re: ER3L and ERX IPSEC site to site not working with default firewall using Gui

Well done! Then you can mark  @16again 's answer as solution :-)

Reply