3rd party Client to Site VPN fails when using ISP redundancy in Load Sharing mode

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk97968
Technical Level
Product	ClusterXL, Quantum Security Gateways
Version	All
Date Created	01-Jan-2014
Last Modified	25-Jul-2017

Symptoms

3rd party VPN clients cannot connect to server behind ISP redundancy in Load Sharing mode.
Key exchange packets are going out through one link while the ESP packets going through another link IP.
The gateway is not dropping any packet.

Cause

The gateway cannot associate between the key exchange traffic and the encrypted packets.

The VPN server expects that all of the traffic will come from the same source so he could associate the keys for each packet.

Solution

Note: To view this solution you need to Sign In .