08-09-2017 01:16 PM
GP VPN configured properly with IPSec enabled.
But all the GP-clients are fall-back to SSL tunnel mode soon after connected.
For testing purpose, give full access any-any allow in policy. one time connected as IPSec and when disconnect & connect again another time gp-client automatically fall-back to SSL mode.
Port 4501 UDP & TCP are allowed in policy. why not a single client is connected as IPsec. how to find out the proper reason for this fall-back.
08-09-2017 01:49 PM
HI Mate,
Don't suppose ye have portal and / or gateway on a loopback address ? can cause issues sometimes with ipsec or xauth but works great for ssl..
Best regards,
Rob
08-09-2017 01:35 PM
Do you see anything in either
1) System log with ( subtype eq vpn ) query.
2) rasmgr.log (debug will help here 'debug rasmgr on debug'
08-09-2017 01:49 PM
HI Mate,
Don't suppose ye have portal and / or gateway on a loopback address ? can cause issues sometimes with ipsec or xauth but works great for ssl..
Best regards,
Rob
08-09-2017 10:43 PM
Hi Robert,
Thanks for info.
yes, we have loopback interface configured.
08-10-2017 12:52 AM
are these users on internal or external gateways, if external then udp 4501 needs to be allowed on thier firwalls.
08-22-2017 12:54 PM
Not sure I understand what the solution was for this issue even though it was marked resolved
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
