We've done it a bit (and are currently running some) on Telstra.internet (if I recall correctly) using DMVPN with Cisco gear to do it, so its not an exact match to your situation.
Never noticed any specific IKEv2 issues though. Cheers, Ayden ________________________________ From: AusNOG <ausnog-boun...@lists.ausnog.net> on behalf of James Andrewartha <tr...@ucc.gu.uwa.edu.au> Sent: Friday, 7 August 2020 1:57:44 AM To: Daniel Carpenter Cc: ausnog@lists.ausnog.net Subject: Re: [AusNOG] IPsec issues over Telstra On Thu, 6 Aug 2020, Daniel Carpenter wrote: > Anyone seeing any new issues forming IPsec IKEv2 tunnels over both > Telstra.internet and Telstra.extranet lately? I’ve been > trying to implement a new hub and spoke for a new environment using a HA pair > of FortiGate 300e as the hub and Teltonika RUTX11 > as the end devices. My P1 and P2 come up fine but have little luck sending > any traffic. Static routes created with the tunnels > on both ends appear fine. I’ve tested the RUTX11 on our external wan with a > public IP out of our APNIC provided subnet and it > works flawlessly. Not operational yet luckily but if I cant figure it out in > a week or two ill be forced to do it with OpenVPN. > Or configure it with IPv6. I can do it (IKEv1 though) with the embedded LTE modem in a FGT 30E-3G4G-GBL, but if I use a Netgear LB2120 connected to the FGT, the VPN doesn't come up (I haven't investigated further yet due to lack of time). -- # TRS-80 trs80(a)ucc.gu.uwa.edu.au #/ "Otherwise Bub here will do \ # UCC Wheel Member http://trs80.ucc.asn.au/ #| what squirrels do best | [ "There's nobody getting rich writing ]| -- Collect and hide your | [ software that I know of" -- Bill Gates, 1980 ]\ nuts." -- Acid Reflux #231 /
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog