Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 5146 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Asrato Security Gateway v7 and Windows 2012R2 RRAS

IuriiIashchenko

Hi there!

I'm trying to build site to site VPN using ASG v7 and Windows 2012R2 Routing and remote access

I've configured PSK Gateway on ASG and IKEv2 interface on windows. On windows I opened UDP 500,4500,1701 ports (tried opening all traffic there).

On WIndows I'm getting error like ports closed (I have configured "Auto packet filter" and even explicit rules)

On ASG:

2016:03:16-05:25:11 fw pluto[3886]: | **parse ISAKMP Message:
2016:03:16-05:25:11 fw pluto[3886]: | initiator cookie:
2016:03:16-05:25:11 fw pluto[3886]: | 2b fc 3d 66 89 7c 10 bf
2016:03:16-05:25:11 fw pluto[3886]: | responder cookie:
2016:03:16-05:25:11 fw pluto[3886]: | c9 f0 20 3f f3 b7 51 8b
2016:03:16-05:25:11 fw pluto[3886]: | next payload type: ISAKMP_NEXT_N
2016:03:16-05:25:11 fw pluto[3886]: | ISAKMP version: ISAKMP Version 1.0
2016:03:16-05:25:11 fw pluto[3886]: | exchange type: ISAKMP_XCHG_INFO
2016:03:16-05:25:11 fw pluto[3886]: | flags: none
2016:03:16-05:25:11 fw pluto[3886]: | message ID: 1b 1f 2b 7e
2016:03:16-05:25:11 fw pluto[3886]: | length: 56
2016:03:16-05:25:11 fw pluto[3886]: | ICOOKIE: 2b fc 3d 66 89 7c 10 bf
2016:03:16-05:25:11 fw pluto[3886]: | RCOOKIE: c9 f0 20 3f f3 b7 51 8b
2016:03:16-05:25:11 fw pluto[3886]: | peer: a9 37 ed eb
2016:03:16-05:25:11 fw pluto[3886]: | state hash entry 16
2016:03:16-05:25:11 fw pluto[3886]: | state object not found
2016:03:16-05:25:11 fw pluto[3886]: | ***parse ISAKMP Notification Payload:
2016:03:16-05:25:11 fw pluto[3886]: | next payload type: ISAKMP_NEXT_NONE
2016:03:16-05:25:11 fw pluto[3886]: | length: 28
2016:03:16-05:25:11 fw pluto[3886]: | DOI: ISAKMP_DOI_IPSEC
2016:03:16-05:25:11 fw pluto[3886]: | protocol ID: 1
2016:03:16-05:25:11 fw pluto[3886]: | SPI size: 16
2016:03:16-05:25:11 fw pluto[3886]: | Notify Message Type: NO_PROPOSAL_CHOSEN
2016:03:16-05:25:11 fw pluto[3886]: packet from xxx.xxx.xxx.xx:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2016:03:16-05:25:11 fw pluto[3886]: | info: 2b fc 3d 66 89 7c 10 bf c9 f0 20 3f f3 b7 51 8b
2016:03:16-05:25:11 fw pluto[3886]: | next event EVENT_RETRANSMIT in 40 seconds for #9

I double checked that PSK is the same on both sides. Don't know if that is important, but there is another VPN on same ASG, but with different PSK, which is working fine. Any help appreciated!



This thread was automatically locked due to age.
Unfiltered HTML