Why does the VPN status of the QuWAN device appear as “Disconnected” when the WAN connection status appears as “Connected”?
Applicable Products
QuWAN Orchestrator
Overview
This FAQ addresses the scenario where a QuWAN device displays a "Disconnected" VPN status despite a "Connected" WAN connection status. Here are potential causes and recommended solutions:
Solution
1. Firewall Blocking Service Ports
Cause: The firewall may be blocking essential service ports required for VPN communication.
Solution: Verify that the following ports are open for bi-directional traffic on the firewall:
- IPSec connections: UDP ports 500, 4500, and the range 61001-62000.
- Hub-to-Edge VPN connections: UDP ports 7788 and 5555.
2. Unavailable Hub in Selected Region
Cause: The edge device might be attempting to connect to a hub that is unavailable in the selected region.
Solution:Verify the selected region configuration on the edge device. If necessary, choose a different region with available hubs.
3. LAN IP Address Conflict
Cause: A LAN IP address conflict between the QuWAN device and other devices on the local network can hinder VPN establishment.
Solution: Assign unique IP addresses to all devices on the LAN segment to avoid conflicts. Utilize DHCP reservation or static IP assignment to ensure no conflicting addresses are assigned dynamically.
4. WAN IP Address Change (Public to Private)
Cause: Changing the WAN connection IP address from a public address to a private address might disrupt VPN functionality.
Solution: Verify the VPN configuration is compatible with private WAN IP addresses. Some VPN protocols may require additional configuration for private networks.
Consult the QuWAN documentation for specific guidance on configuring VPNs with private WAN IP addresses.
