New Cloud to site manged VPN interface
We have a new M290 Firebox that is cloud managed and are tryint to create a BOVPN to one of our older M270. We have set up a new BOVPN virtual interface and see the gateway come up but the tunnel always stays inactive with the following message even if we are trying to ping from either side.
"Unable to find any active Phase 2 Security Associations (SAs) for BOVPN virtual interface VIF.
Recommendation: Confirm whether either side is currently sending traffic through the tunnel."
TIA _ Josh
0
Sign In to comment.
Comments
Hi @Jsawyer77
The tunnel itself will show as inactive unless something tries to send traffic across the tunnel.
If sending traffic across the tunnel does not bring it online, I'd suggest opening a support case via the support center link at the top right of this page.
-James Carson
WatchGuard Customer Support
Ok I was messing with it some more today and now I get this
Apr 08 12:37:33 2025 ERROR 0x021a0011 Received unacceptable traffic selector in CREATE_CHILD_SA request.
I added the trusted networks for both the fireboxes to the route tab. When I was setting up regular BOVN it had a from to place but this only shows route too?