Wednesday, February 7, 2018

IPSec Site-to-Site tunnel issues between Europe and China

Since several months we have continues IPSec VPN issue with our Site-to-Site tunnels between our China and Europe sites via Internet. IKE traffic sent by some Europe sites is never arriving at the China site. All other traffic is arriving as usual.

Our china contact told us some of our public address spaces are on a kind of blacklist. We solved this by switching our public address spaces used for the tunnel establishment with our china sites on some important Europe sites. This works for now, but this might change ...

I spoke with some other colleagues i know from work. Most of them have the same behavior except those who are using MPLS lines to connect to Europe.

I heard that there is a way to "register" a company vpn to the chinese government in order to get not blocked by the great firewall. But i was not able to get any details yet.

You are/were faced with the same situation? How you solved it?



No comments:

Post a Comment