cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1176
Views
0
Helpful
1
Replies

Problem with site2site cisco asa <-> zyxel sbg

becfip
Level 1
Level 1

Hello,

 

i have a problem with site 2 site vpn connection behind HQ cisco asa 5545 ip 0.0.02.82 and Zyxel SBG 3300 ip 0.0.0.133.

I dont know how to configure this zyxel router.

Phase 1 is complete. There is log from asa:logasa.JPG

 I try everythink on configuration, now my configuration on ASA look like this:S2S connection profile 1S2S connection profile 1

 

S2S connection profile 2S2S connection profile 2

 

S2S connection profile 3S2S connection profile 3

 

And configuration on Zyxel:zyxel1.JPG

 

zyxel2.JPG

 

zyxel3.JPG

 

zyxel4.JPG

 

I hope that this printscreen will help you to find some mistake in my configuration.

I will be grateful for any help!

Thank you very much.

 

Best regards

Filip

 

1 Reply 1

JP Miranda Z
Cisco Employee
Cisco Employee

Hi becfip,

 

 

Checking the config of the ASA and also the Zyxel i found the following:

 

-The interesting traffic need to be mirrored between the 2 devices:

ASA= any to <destination>

Zyxel= <local> to any

 

If after matching the config you still get any issue you can run the following debugs through the CLI:

 

debug cry condition peer <zyxelpublicip>

debug cry isa 180

 

You can share the sanitized logs here.

 

Hope this info helps!!

 

Rate if helps you!! 

 

-JP- 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: