No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


USG limitation leads to certain L2TP VPN users dialing in unsuccessful

Publication Date:  2012-10-18 Views:  204 Downloads:  0

Issue Description

In USG2210 equipment, restricted certain public IP can VPN dial-up connection, and the other not allowed, enable ACL do limitation, found it has no effect.

Alarm Information


Handling Process

1, checking ACL detailed content and format are accurate, which are consistent with actual requirements.
2, check ACL application area, found application area is wrong, analysis: the outside users dial-up into VPN, dial-up is in firewall local area. ACL applied in” untrust trust” area, the ACL applied in untrust local regional, through the test, found ACL applied successfully.

Root Cause

1, ACL configuration is not correct.
2, ACL application didn’t success.


First of all understanding the L2TP VPN dialing principle, according to the customer demands to implement the limit work, it will be more easy, VPN dialing into local domain from “untrust”, if use ACL restrict certain public IP, it should be applied in “untrust trust” regional.