Re: vShield Edge IP-SEC setup to allow IP-SEC init...

geeko71 · ‎09-17-2014

I need to establish an IP-SEC VPN from Internet "any dynamic IP adresses" to an vCloud Director "Org Network".

I thought it's simple... Just use 0.0.0.0 as Peer IP and use a Policy for all 3 Possible Remote Network Ranges (private A,B and C)

But i'm not able to establish IP-SEC Tunnel in Phase 2.

Does anybody successfully established an IP-SEC from "internet" (IP-SEC Client such as Shrew Soft) with an vShield Edge?

Thanks

Dominik

geeko71 · ‎09-17-2014

my idea was not wrong at all...

If i use AES Encryption (not AES256) the setup is working...

0.0.0.0 as remote ID and remote IP.

The IP SEC client is using 0.0.0.0 as local identity and the vSHield Edge IP as remote ID.

Everything is working...

But not with AES256... can somody confirm this?

vShield Edge IP-SEC setup to allow IP-SEC initiation from "internet"