dynamic rule, only 1 VPN connection work at time

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!



hello

at office i have ZyWall 5 that has one dynamic VPN rule configured so
that 3 branch offices and 2 telecommuters can connect to main office.

ZyWall 5 is behind static IP, others are not.

there is no problem, when only one branch office or telecommuter makes
VPN connection.

but when two or more VPN connections is established, only one of them
can ping and acces to office network. however, SA Monitor shows 2 or 3
different VPN connections to different branch offices. Also, Logs shows
that second connection is ok ("Rule [everyone] Tunnel built
successfully")

at logs, there is no evidence anything abnormal, but sometimes some
combination gives "inconsistent SA happens!!" error when there are 2
simultaneous VPN connections

among ZyWall 5 we have zyxel homevpn II, SSH sentinel and Prestige
2602HW-61 acting as Firewall/VPN box.

any ideas?


Site Timeline