- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
VPN Tunnel to Draytek - Multiple subnets but only one Security Association created
03/26/2020 
9 People found this article helpful
98,809 Views
Description
A VPN Tunnel to Draytek is going up with only one Security Association (SA) although there are many Local/Destination Networks so more SAs should be created.
Cause
It looks like Draytek does not fully support multiple phase 2 security associations for a single VPN Policy with the default settings.
Resolution
To fix this, the option "Create Phase 2 SA for each subnet" has to be enabled on the Draytek (Vigor) router:
However, this may not work if you have the Perfect Forward Secrecy option disabled on the SonicWall. Please enable it from the configuration of the VPN Tunnel to the Draytek:
For further details: How to Create Phase2 SA for Multiple Subnets - Draytek Website
Related Articles
Categories
- Firewalls > SonicWall NSA Series > VPN
- Firewalls > TZ Series > VPN
- Firewalls > SonicWall SuperMassive 9000 Series > VPN
YES
NO