This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies. For details on cookie usage on our site, read our Privacy Policy
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Announcements
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
Hi @kiwi I check the VPN Router side and it s ok. Let me share the details; Remote IPSec Gateway: Palo Alto WAN Ip Tunnel Access from Local IP address: Subnet Address IP Address for VPN: 192.168.30.0 Subnet Mask: 255.255.255.0 Tunnel access from remote IP addresses: Subnet Address IP Address for VPN: 20.1.0.0 Subnet Mask: 255.255.255.0 Phase 1 Configs Mode: Main Local Identifier Type: Local WAN IP Remote Identifier Type: Remote WAN IP Everythings look fine. I don't understand where came this 192.168.225.100 ip from 😞
... View more
Hi @kiwi I use Archer MR200 for ipsec VPN setup. Double check and device LAN setting details are; Ip Address: 192.168.30.1 Subnet:255.255.255.0 DHCP: Enable Ip Address Pool: 192.168.30.100 - 192.168.30.199 Default Gateway: 192.168.30.1 Primary DNS: 192.168.30.1 Secondary DNS: 8.8.8.8 How it could be? Thanks.
... View more
Hi All, I have two 4G router and two ipsec vpn tunnel. Routers are exactly same. VPN configs are exactly same (except Ips) one tunnel up and running but other one failed at Phase1 It gives me "IKE phase-1 negotiation is failed. Peer\'s ID payload 192.168.225.100 (type ipaddr) does not match a configured IKE gateway." error. I global search on Palo Alto for 192.168.225 nothing return. So i have not any 192.168.225.xxx ip configuration in palo alto. So this ip coming from 4G router? But not possible i think. Becase i configure it and router LAN is 192.168.30.0/24 so connected machine ip is 192.168.30.100 I am realy stuck at this point. Any help is appreciated. Thanks.
... View more
Hi all, I need schedule some cli command which i execute manually from SSH console like below; Command line 1: test vpn ipsec-sa tunnel Xtunnelname:XtunnelProxyId Command line 2: test vpn ike-sa gateway Xtunnelname Is there any way schedule tasks in palo alto? Regards.
... View more
I solved it. PA Network/Virtual Routers/ There is one default rule in there named "default" When i enter in this rule i see Static Routes there. Defined for other ipsec tunnels. I add tunnel.3 (which i facing problem) Destination local ip block 192.168.10.0/24 Problem solved. Now i can ping servers from Inhand Router.
... View more
Hi all, I have "Inhand Ir611" Industrial Cellular Router and Palo Alto in office. I have configured Inhand router and i have reach to internet. Than i setup Ipsec Tunnels to my Office Palo Alto. Everything looking good after configuration and restart the device. I have check PA side. Tunnel Up and Ike Up i have two green dot in PA. But i can't reach to my office servers from Inhand router. If some configuration is wrong ipsec tunnel not become green in PA right? What am i missing really i dont know.
... View more