Hallo alle zusammen,
seit einiger Zeit häufen sich die Abbrüche unser VPN Verbindung Sophos <=> Cisco via einer Telekom CompanyConnect Leitung. Anbei das Log des letzten Abbruchs von
heute Morgen. An manchen Tagen passiert das bis zu 10x auf den Tag verteilt :-(
//
018:01:05-08:16:10 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: initiating Main Mode to replace #7934
2018:01:05-08:29:10 utm-pe-mg pluto[5757]: ERROR: asynchronous network error report on eth3 for message to xxxxxxx port 500, complainant xxxxxx: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: starting keying attempt 26 of an unlimited number
2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7937: initiating Main Mode to replace #7936
2018:01:05-08:29:27 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe2_0" #7874: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x20ad50a9) not found (maybe expired)
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxx:500: ignoring Vendor ID payload [810fa565f8ab14369105d706fbd57279]
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [RFC 3947]
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [Dead Peer Detection]
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: responding to Main Mode
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: ignoring Vendor ID payload [KAME/racoon]
2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: NAT-Traversal: Result using RFC 3947: no NAT detected
2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: Peer ID is ID_IPV4_ADDR: xxxxxxxxx
2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: Dead Peer Detection (RFC 3706) enabled
2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: sent MR3, ISAKMP SA established
2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2018:01:05-08:29:30 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7939: responding to Quick Mode
2018:01:05-08:29:30 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7939: IPsec SA established {ESP=>0x0ace0ca0 <0x726b87a5 DPD}
2018:01:05-08:30:40 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7933: DPD: Phase1 state #7933 has been superseded by #7938 - timeout ignored
2018:01:05-08:36:08 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunlemgone_0" #7940: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #7932 {using isakmp#7917}
2018:01:05-08:36:08 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunlemgone_0" #7940: sent QI2, IPsec SA established {ESP=>0x85b885ba <0x2525375b DPD}
//
Hat einer hier eine Idee, wo der Fehler sein könnte??
Vielen Dank im Voraus
Michael
This thread was automatically locked due to age.