I have problem with setting up IPsec on Balance 305, where my branch site is using dynamic IP, thus we apply ddns to the branch VPN device, if we are to put the ddns hostname in Balance 305 remote gateway, we will not be able to connect with below error:-
Remote ID ‘175.144.xx.xx’ does not match with ‘xxxphg.ddns.net’
Thus, meaning that when Peplink initiate the IPsec with site, it expect the site to return the hostname, and does not even want to use the IP return from the site even if the IP of the ddns FQDN is correct.
Hello Json188,
Did you have any luck with this problem as i have the same problem now.
What make and model is your branch office? I assume the main office is the Balance 305? As noted on the Peplink setup page for IPsec, connection is only guaranteed with Cisco, Juniper, and Peplink devices. One would think IPsec will talk to anyone else’s IPsec but the industry is not that good. I’ve often had trouble connecting two manufacturer devices via IPsec. Thats why PepVPN was created. I’m not saying other brands won’t talk to Peplink IPsec, just that it isn’t guaranteed.
If your home office has a static IP, the branch should intiate the connection using aggressive mode. With aggressive mode, the device doesn’t care about DDNS. Its not needed. You don’t enter the DDNS into the home office setup. The fully qualified domain name listed is just to verify its the same on both ends of the connection, doesn’t care about what you may or may not have for DDNS.
1 Like
Im trying to setup a full mesh VPN and the 2 sites i’m having trouble with are both on LTE connections that are have dynamic IP’s. That’s why i wanted to use DDNS.
FYI Fortigate 100E and Draytek’s 2860 can be used for IPSEC VPN’s to a Pepwave MAX Transit