Tunnel established but no traffic passes

Created by Yuriy Andamasov, Modified on Fri, 12 Jan 2024 at 05:41 PM by Srividya Anantapatnaikuni

Article review date
2024-01-08
Validated for VyOS versions
1.2.5, 1.3.5, 1.4.0

Introduction:

The purpose of this article is to aid in troubleshooting network connectivity over an IPsec VPN. In this scenario, a site-to-site VPN is configured between two VyOS routers and the tunnel status is up; however, the local and remote subnets cannot reach each other, or only one-way communication works.

Solution:

  1. Verify the IPsec configuration. Check that the local and remote networks are configured correctly (phase 2 selectors).
  2. Verify that firewall rules are in place to pass VPN traffic (rules from LAN to VPN and from VPN to LAN). Check that the ESP ports (500, 4500) are open.
  3. Check routing: look for conflicting static routes, and for a route-based VPN confirm that an active route to the remote subnets is present.
  4. Take a packet capture to check whether packets are flowing through the tunnel.
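
The checks in steps 1 and 3 can be scripted offline once the selectors and routes have been copied from both peers. The following is an added example, not part of the original article or of VyOS; the subnets, interface names (`vti0`, `eth0`, `eth1`) and function names are constructed, and route selection is simplified to longest-prefix match (administrative distance and metrics are ignored).

```python
import ipaddress

# Constructed sample values, not taken from a real device.
PEER_A = {"local": "192.168.10.0/24", "remote": "192.168.20.0/24"}
PEER_B = {"local": "192.168.20.0/24", "remote": "192.168.10.0/25"}  # /25 typo
ROUTES_A = [  # simplified routing table of peer A: (prefix, outgoing interface)
    ("0.0.0.0/0", "eth0"),
    ("192.168.20.0/24", "vti0"),
    ("192.168.20.128/25", "eth1"),  # leftover, more specific static route
]

def selector_mismatches(a, b):
    """Step 1: each peer's remote selector must equal the other's local one."""
    net = ipaddress.ip_network
    issues = []
    for side, other, x, y in (("A", "B", a, b), ("B", "A", b, a)):
        if net(x["remote"]) != net(y["local"]):
            issues.append(
                f"{side} remote {x['remote']} != {other} local {y['local']}")
    return issues

def egress_interface(routes, dest):
    """Longest-prefix match: interface of the most specific matching route."""
    addr = ipaddress.ip_address(dest)
    hits = [(ipaddress.ip_network(p), dev) for p, dev in routes
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def conflicting_routes(routes, remote, tunnel_if):
    """Step 3: equal or more specific routes inside the remote subnet that
    leave through an interface other than the tunnel."""
    remote_net = ipaddress.ip_network(remote)
    return [(p, dev) for p, dev in routes
            if dev != tunnel_if
            and ipaddress.ip_network(p).prefixlen >= remote_net.prefixlen
            and ipaddress.ip_network(p).overlaps(remote_net)]

if __name__ == "__main__":
    for issue in selector_mismatches(PEER_A, PEER_B):
        print("selector mismatch:", issue)
    for prefix, dev in conflicting_routes(ROUTES_A, PEER_A["remote"], "vti0"):
        print(f"route {prefix} via {dev} bypasses the tunnel")
    for host in ("192.168.20.10", "192.168.20.200"):
        print(host, "->", egress_interface(ROUTES_A, host))
```

A mismatch on only one side, or a stray route covering only part of the remote subnet, is a typical reason for one-way or partial connectivity while the tunnel still shows as up.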

If the above options do not help you, please raise a technical assistance ticket and attach the configuration and logs of the device.


