
but traffic is not going through vpn tunnel.

Publication Date: 2018-03-29
Issue Description

USG 6350 and USG 6320

Version: V500R100

We have 2 Huawei firewalls, USG6350 and USG6320. I have created a VPN connection between them, but traffic is not going through the VPN tunnel.

I have global NAT configured.

 


Solution

Ask whether NAT is configured, and ask for the diagnostic information.


From what I saw in the diagnostic information and the session table, there is NAT using UDP port 2050, and it isn't OK like this.

The traffic is NATed, so please use the configuration below in order for the traffic to go through the tunnel.

 

USG 6350

#

Nat policy  NO_NAT

 rule name 1

  destination address 192.168.10.0 24 action no-nat

 rule name 2

  source address 192.168.101.0 24 destination address 192.168.102.0 24 action no-nat

 rule name 3

  source address 91.x.x.x destination address 84.x.x.x action no-nat

 

USG 6320

#

Nat policy  NO_NAT

 rule name 1

  destination address 192.168.1.0 24 action no-nat

 rule name 2

  source address 192.168.102.0 24 destination address 192.168.101.0 24 action no-nat

 rule name 3

  source address 84.x.x.x destination address 91.x.x.x action no-nat
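
Added example (not part of the original case and not Huawei code): a small Python model of why the LAN-to-LAN flow misses the tunnel when the global source NAT rule matches it, and why the no-nat rule only helps when it is evaluated first. It assumes first-match rule order and an IPsec protected flow of 192.168.101.0/24 to 192.168.102.0/24 on the USG6350; the rule names are hypothetical and 203.0.113.1 is a constructed stand-in for the elided public address.

```python
import ipaddress as ip

# Constructed sample values: the page elides the public addresses (91.x.x.x),
# so a documentation address stands in for the USG6350 egress IP.
PUBLIC_IP = ip.ip_address("203.0.113.1")
LAN_6350 = ip.ip_network("192.168.101.0/24")
LAN_6320 = ip.ip_network("192.168.102.0/24")
ANY = ip.ip_network("0.0.0.0/0")

# Assumption: the IPsec protected flow (security ACL) on the USG6350.
PROTECTED_FLOWS = [(LAN_6350, LAN_6320)]

# Hypothetical rule names; each rule is (name, source, destination, action).
NO_NAT_RULE = ("vpn_no_nat", LAN_6350, LAN_6320, "no-nat")
GLOBAL_NAT_RULE = ("global_nat", ANY, ANY, "source-nat")


def apply_nat(rules, src, dst):
    """Return (matched rule name, source after NAT); the first match wins."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for name, src_net, dst_net, action in rules:
        if src in src_net and dst in dst_net:
            return name, (PUBLIC_IP if action == "source-nat" else src)
    return None, src


def enters_tunnel(rules, src, dst):
    """True if the packet still matches a protected flow after NAT."""
    _, nat_src = apply_nat(rules, src, dst)
    dst = ip.ip_address(dst)
    return any(nat_src in s and dst in d for s, d in PROTECTED_FLOWS)


def audit(rules):
    """List protected flows whose first overlapping rule is a source NAT."""
    shadowed = []
    for s, d in PROTECTED_FLOWS:
        for name, src_net, dst_net, action in rules:
            if s.overlaps(src_net) and d.overlaps(dst_net):
                if action == "source-nat":
                    shadowed.append((str(s), str(d), name))
                break  # only the first overlapping rule is inspected
    return shadowed


if __name__ == "__main__":
    flow = ("192.168.101.10", "192.168.102.20")
    for policy in ([GLOBAL_NAT_RULE], [NO_NAT_RULE, GLOBAL_NAT_RULE]):
        print([r[0] for r in policy], "-> tunnel:", enters_tunnel(policy, *flow))
```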



END