To have a better experience, please upgrade your IE browser.upgrade
Questo sito utilizza cookie di profilazione (propri e di terze parti) per ottimizzare la tua esperienza online e per inviarti pubblicità in linea con le tue preferenze. Continuando a utilizzare questo sito senza modificare le tue preferenze acconsenti all’uso dei cookie. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui>
The website that you are visiting also provides Arabian language. Do you wish to switch language version?
يوفر موقع الويب الذي تزوره المحتوى باللغة العربية أيضًا. هل ترغب في تبديل إصدار اللغة؟
The website that you are visiting also provides Russia language Do you wish to switch language version?
Данный сайт есть в английской версии. Желаете ли Вы перейти на английскую версию?
Smart Modular Data Centers
Prefabricated Modular Data Centers
Precision Air Conditioners
Data Center Management
Handsets and Terminals
Rapid Deployment System
Enterprise Communications Terminals
Platform or Infrastructure
Enterprise Communications Gateways
Core Network Devices
Radio Access Network Devices
Firewall and Application Security Gateway
DDoS Protection Systems
Anti-APT Based on Big Data Analysis
ME Series Multi-Service Control Gateways
Multi-Service Packet Transport Platforms
AR Series IoT Gateways
AR Series Access Routers
Hybrid Flash Storage
Integrated Video Site Solution
Enterprise Telecom Energy
Smart Site Management System
Multi-Service Transmission Platforms
HD Network Cameras
Video Cloud Nodes
Video Content Management
Indoor Access Points
Outdoor Access Points
Scenario-specific product series
IT Infrastructure Storage Solutions
Data Center Network
Data Center Energy
Enterprise Communications Solution
Contact Center Solution
Advisory and Implementation
Support and Optimization
Training and Certification
Explore Technology Services
National Research and Education Network
Education Cloud Data Center
Multi-Channel HD Telemedicine Solution
Over The Top/Multi-Tenant Data Center (OTT/MTDC)
Internet Exchange Point (IXP)
Internet Access Provider (IAP)
Design & Simulation
Planning & Analytics
Oil & Gas IoT
HPC & Operations Management
Digital Urban Rail
Retail Cloud Platform
Enterprise Data Center
Enterprise Cloud Communications
Network Management System
Buy from Huawei
If you need to get information about your project, please submit your information and we will contact you within one working day.
Consult online customer service regarding products/solutions you are interested in.
If your company has signed an eDeal contract with Huawei, please buy your required product/solution via the link below.
Buy from resellers
Search for a nearby reseller and get direct contact information.
Find a Partner
Become a Partner
Alliance and solution Partner
Huawei Authorized Learning Partner
Huawei Authorized Information and Network Academy
When the IPSec VPN is configured on the USG2110 and USG2210, the tunnel can be established normally. During the test, run the ping -a command with the source address of the intranet interface to test the communication. The IP address of the intranet interface of the USG2210 can be pinged through from the intranet interface of the USG2110, and vice versa.
1. Make sure that the interzone packet filtering is correctly configured.
2. Make sure that the security ACL of the IPSec is correctly configured.
3. Ping the intranet interface of the USG2210 from the intranet interface of the USG2110. Capture packets on the USG2110 and USG2210 at the same time. The error information "IP packet is dropped for the visit interface is down!" is displayed. Check the configurations of the USG2110. The intranet adopts the subinterface, which is not tagged as VLAN. The physical and protocol status of the subinterface is Up and Down respectively. Instruct the user to add a VLAN label on the subinterface. Then the problem is solved.
Attached: packet capture configuration
acl number 3999
rule 5 permit ip source 10.0.21.1 0 destination 192.168.3.55 0
rule 10 permit ip source 192.168.3.55 0 destination 10.0.21.1 0
debug ip packet acl 3999
The error information is as follows:
*0.1137506316 Secoway IP/8/debug_case:
Discarding, interface = Ethernet0/0/0, version = 4, headlen = 20, tos = 0,
pktlen = 84, pktid = 56391, offset = 0, ttl = 255, protocol = 1,
checksum = 64640, s = 192.168.3.55, d = 10.0.21.1
prompt: IP packet is dropped for the visit interface is down!
The configuration of the USG2210 is the same as that of the USG2110.
1. The configuration in the interzone is incorrect.
2. The security acl configuration of the IPSec VPN is incorrect.
|When the IPSec VPN can be established but the intranet communication fails, it is recommended that you analyze the problem through debugging packet capture.|