Questo sito utilizza cookie di profilazione (propri e di terze parti) per ottimizzare la tua esperienza online e per inviarti pubblicità in linea con le tue preferenze. Continuando a utilizzare questo sito senza modificare le tue preferenze acconsenti all’uso dei cookie. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui>
The website that you are visiting also provides Arabian language. Do you wish to switch language version?
يوفر موقع الويب الذي تزوره المحتوى باللغة العربية أيضًا. هل ترغب في تبديل إصدار اللغة؟
The website that you are visiting also provides Russia language Do you wish to switch language version?
Данный сайт есть в английской версии. Желаете ли Вы перейти на английскую версию?
Lets assume that you have the following topology. You have a VPN tunnel between USG and XTM (firewall from another vendor). All the parameters are the same on both devices, USG and XTM.
There is only one difference. On the USG IKE negociation mode is automatic and on the XTM the negociation mode is Main. At the first look you will say that is ok, you debug and see that somethimes is working to establish the tunnel, sometimes is not working. Even when is not working you can see in debug that the IKE is established. You also may think that this is a bug.
Well, this is normal behavior for this scenario. If you take a closer look in the documentation you will find the root cause. When you use IKEv1 negociation mode auto, the USG will accept main mode and aggresive mode. That is the reson why sometimes is working, when XTM is starting the negociation.
But, if the negociation is started by the USG it will use by default aggresive mode. This is the reason why sometimes is not working.