The USG2110 is the branch, and the USG2130 is the headquarters. The IPSec is configured at both ends. IKE phases 1 and 2 are normal, and the IPSec SA is successfully established. According to the user, the intranet gateway address of the USG2130 cannot be pinged through from that of the USG2110. The IPSec SA is established, but the service is interrupted.
1. The ACL configuration is incorrect.
2. The express port forwarding is enabled.