We've done it a bit (and are currently running some) on Telstra.internet (if I 
recall correctly) using DMVPN with Cisco gear to do it, so its not an exact 
match to your situation.


Never noticed any specific IKEv2 issues though.


Cheers,

Ayden

________________________________
From: AusNOG <ausnog-boun...@lists.ausnog.net> on behalf of James Andrewartha 
<tr...@ucc.gu.uwa.edu.au>
Sent: Friday, 7 August 2020 1:57:44 AM
To: Daniel Carpenter
Cc: ausnog@lists.ausnog.net
Subject: Re: [AusNOG] IPsec issues over Telstra

On Thu, 6 Aug 2020, Daniel Carpenter wrote:

> Anyone seeing any new issues forming IPsec IKEv2 tunnels over both 
> Telstra.internet and Telstra.extranet lately? I’ve been
> trying to implement a new hub and spoke for a new environment using a HA pair 
> of FortiGate 300e as the hub and Teltonika RUTX11
> as the end devices. My P1 and P2 come up fine but have little luck sending 
> any traffic. Static routes created with the tunnels
> on both ends appear fine. I’ve tested the RUTX11 on our external wan with a 
> public IP out of our APNIC provided subnet and it
> works flawlessly. Not operational yet luckily but if I cant figure it out in 
> a week or two ill be forced to do it with OpenVPN.
> Or configure it with IPv6.

I can do it (IKEv1 though) with the embedded LTE modem in a FGT
30E-3G4G-GBL, but if I use a Netgear LB2120 connected to the FGT, the VPN
doesn't come up (I haven't investigated further yet due to lack of time).

--
# TRS-80              trs80(a)ucc.gu.uwa.edu.au #/ "Otherwise Bub here will do \
# UCC Wheel Member     http://trs80.ucc.asn.au/ #|  what squirrels do best     |
[ "There's nobody getting rich writing          ]|  -- Collect and hide your   |
[  software that I know of" -- Bill Gates, 1980 ]\  nuts." -- Acid Reflux #231 /
_______________________________________________
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Reply via email to