Peplink Balance One IPSec VPN to Ubiquiti USG

Hi All,

I am new to the Peplink kit and have tried working out if this is possible or not, but I can’t seem to find anything that helps.

I have a site with a Peplink Balance One and am trying to configure an IPSec tunnel to another site using a Ubiquiti USG-Pro-4. I’ve tried many different configs but all I get is “IKE/ESP Proposal refused, please verify settings.”

Any help would be much appreciated.

Thanks

Hi there,

This is something that I have also wondered.

I have been successful in connecting the USG to another router such as PFSense but only using IKEv2 and not V1 on IPSec.

It appears that from other research I’ve done that the USG only supports IKEv2 IPSec VPN therefore the Peplink routers must support IKEv2 in order for it to work. I am not sure if the Peplink kit supports IKEv2 but I’ll keep looking.

Cheers,
Robbo

Scrap my previous reply!

I’ve just been playing around and the USG now supports IKE v1 & v2 - have done config in the Peplink GUI and also within the Unifi controller for the USG and the IPSec link works! :)

Cheers,
Robbo

Hi Rob,

I have been able to successfully create the IPSec link between both USG and Peplink. I had to delete the automated VTI and create a legacy tunnel by CLI. Thereafter I have been able to successfully pass traffic from the USG site to the Peplink site but not the other way. I believe it’s USG firewall related. The issue I now have is that the USG doesn’t support many DHCP scope options, so now I need to play with that or replace it with a Peplink.

I will keep you posted

Regards,

Sunny

Can you please share a print screen of the configuration? Thanks.

Hello there TechnologyClinic,

Wanted to ask if you have a video on the steps to configure a Peplink Balance One IPSec to EdgeRouter?

Thanks,

Chris

Hello. I have set up a working VPN between an Edge Router PoE and a Peplink Balance 20. It is not the same model, but the web interface is the same and the IPSec site-to-site configuration is the same on both models of Peplink. Here is the file video I used to configure the Edge Router and I will also attach a screenshot of my Peplink IPSec configuration. On both ends I disable Perfect Forward Secrecy or PFS.

Just replace the Remote Gateway with your own public IPs.

If you need to tweak your settings in the Ubiquiti Side go to Config Tree in the web interface to the VPN tab. Hope this helps.

4 Likes
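An added example, not part of any post in this thread: a small Python model of why a tunnel reports a refused IKE/ESP proposal when the two ends differ on IKE version or on PFS, the two settings discussed above. The peer names, algorithm names and DH group numbers are constructed sample values, not settings taken from anyone's configuration.

```python
# Added illustration: all algorithm names and groups below are constructed sample values.
from dataclasses import dataclass

FIELDS = ("encryption", "hash", "dh_group")  # dh_group None in phase 2 = PFS disabled

@dataclass(frozen=True)
class Peer:
    name: str
    ike_version: int
    phase1: tuple  # IKE proposals this peer offers/accepts
    phase2: tuple  # ESP proposals this peer offers/accepts

def closest_mismatch(offered, accepted):
    """Describe the fields that differ in the closest offered/accepted pair."""
    pairs = [(o, a) for o in offered for a in accepted]
    if not pairs:
        return ["one side has no proposals configured"]
    o, a = min(pairs, key=lambda p: sum(x != y for x, y in zip(*p)))
    return [f"{f}: offered {x!r}, peer accepts {y!r}"
            for f, x, y in zip(FIELDS, o, a) if x != y]

def negotiate(initiator, responder):
    """Return (ok, reasons); each phase needs one proposal both sides allow."""
    reasons = []
    if initiator.ike_version != responder.ike_version:
        reasons.append(f"IKE version: {initiator.name} uses v{initiator.ike_version}, "
                       f"{responder.name} uses v{responder.ike_version}")
    for label, offered, accepted in (("IKE", initiator.phase1, responder.phase1),
                                     ("ESP", initiator.phase2, responder.phase2)):
        if not any(p in accepted for p in offered):
            detail = "; ".join(closest_mismatch(offered, accepted))
            reasons.append(f"{label} proposal refused ({detail})")
    return (not reasons, reasons)

P1 = (("aes256", "sha256", 14),)
peplink = Peer("peplink", 1, P1, (("aes256", "sha256", None),))   # PFS off
usg_pfs = Peer("usg", 1, P1, (("aes256", "sha256", 14),))         # PFS on
usg_nopfs = Peer("usg", 1, P1, (("aes256", "sha256", None),))     # PFS off
usg_v2 = Peer("usg", 2, P1, (("aes256", "sha256", None),))        # IKEv2 only

if __name__ == "__main__":
    for peer in (usg_pfs, usg_nopfs, usg_v2):
        print(negotiate(peplink, peer))
```

Filling in the two `Peer` entries from what each device's GUI actually shows makes it easy to spot which single field is out of step before retrying the tunnel.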

Has this issue been resolved?

I am trying to configure an IPSec tunnel from Peplink FusionHub to a UniFi network with USG-3P and am getting the same error: “IKE/ESP Proposal refused, please verify settings” or “Authentication failed, please verify settings.”

Is it possible to connect Peplink to USG, or are they simply not compatible?

Did anyone get a site-to-site VPN to work between UniFi and Peplink?

I get it “connected” on both sides, but they can’t talk to each other in reality.

Could you elaborate a bit more?
Did you change your routing profiles on UniFi and Peplink?

Nope, I didn’t change any routing profiles. I didn’t change them back in the day when I made the site-to-site OpenVPN between the UniFi sites.
I just need site to site, not the client version of the VPN, just site to site.

OK - perhaps you could explain what your mission end goal was here?
Is it to pass data from Peplink to UniFi or counter? Or to access internal data from another site?

Hello…
Look… IKEv1 only supports a remote IP address “blank/opened” when using aggressive mode.

Hi @Captain_Nik nik, My goal is to access local devices from Unifi,

Site 1 Unifi 192.168.20.0/24
Site 2 Unifi 192.168.0.0/24
Site 3 Peplink B one 5g 192.168.101.0/24

Site 1 and Site 2 are currently linked via an OpenVPN site-to-site VPN, so each member accesses the internet with their own public IP address, but from a device on Site 2 you can access a device in Site 1 (from a laptop at Site 2, 192.168.0.15, you can access a server at Site 1, 192.168.20.15).

I want to accomplish that same thing with Site 2 and Site 3. Since Peplink doesn’t have site-to-site VPN on OpenVPN, this needs to be done with IPSec, I guess.

I also want to do this other thing, completely different. This is not the post to ask for it, but I’ll leave it here too.

Site 1 Unifi 192.168.20.0/24
Site 2 Unifi 192.168.0.0/24
Site 3 Peplink B one 5g 192.168.101.0/24

I have on Site 1 an IPTV service.
I have on Site 1 an OpenVPN server for clients.
I have on Site 2 an OpenVPN client connected to Site 1 and a new network (192.168.21.0/24) that routes all the traffic through that one VPN, so the public address for all devices on this network is the same IP address as on Site 1, and thus the IPTV provider lets us see more channels since we are “at home”. Traffic speeds on this network at Site 2 are low, but more than enough for TV providers (50mb), and that’s the reason only that one network for the Amazon stick goes through that VPN.

I want this last one to work from Site 3 too.
I have already created the OpenVPN client at Site 3, and the network, but can’t get the VPN linked to the network. I have to say I haven’t had the time yet to read about it. I also need to link that one network to an SSID; this last step, I guess, is done via a VLAN.

Last but not least, a VPN client at Site 3 so I can access local devices in case the other fails, or in case I am not at any site and I want to access devices. I already have this one working, and I like that Peplink gives you two files, one for only local traffic and one for all traffic (I didn’t know this was possible to do from a site-to-client configuration).

Should I try aggressive mode or main mode? What’s the difference? I don’t want to expose my network to the Internet.

Worry about your data… best choice will be use IKEv2… forget IKEv1.

1 Like