This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

cannot route -- route already in use

please can you help me in solving this problem am having new sohpoe firewall and i tried  to setup site to site vpn with another old one 

this error comes out 

 

                                                                                            sent MR3, ISAKMP SA established
2018:05:15-16:58:17   pluto[25761]: "IPSEC" #4: responding to Quick Mode
2018:05:15-16:58:17   pluto[25761]: "IPSEC" #4: cannot route -- route already in use for "XIPSEC"
2018:05:15-16:58:27   pluto[25761]: "IPSEC" #4: cannot route -- route already in use for "XIPSEC"
2018:05:15-16:58:48   pluto[25761]: "IPSEC" #4: cannot route -- route already in use for "XIPSEC"
 

 

 

am not having any vpn in my firwal new one 



This thread was automatically locked due to age.
  • Hi Mhmd and welcome to the UTM Community!

    Please do the following:

    1. Confirm that Debug is not enabled.
    2. Disable the IPsec Connection.
    3. Start the IPsec Live Log and wait for it to begin to populate.
    4. Enable the IPsec Connection.
    5. Show us about 60 lines from enabling through the error.  Obfuscate IPs like 192.168.x.21 and 98.x.y.131.

    Also, show pictures of the Edits of the IPsec Connection and Remote Gateway.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  •                                                     only this                          
     
                                                                               Peer ID is ID_FQDN: 'site.co'
                                                                                                                                     
                                                                                 deleting connection "IPSEC"[1] instance with peer 17.0.00.00.0 {isakmp=#0/ipsec=#0}
                                                                               Dead Peer Detection (RFC 3706): enabled
                                                                                ent MR3, ISAKMP SA established
    2018:05:15-16:58:17   pluto[25761]: "S_IPSEC" #4: responding to Quick Mode
    2018:05:15-16:58:17   pluto[25761]: "S_PSEC" #4: cannot route -- route already in use for "X_IPSEC"
    2018:05:15-16:58:27   pluto[25761]: "S_IPSEC" #4: cannot route -- route already in use for "X_IPSEC"
    2018:05:15-16:58:48   pluto[25761]: "S_IPSEC" #4: cannot route -- route already in use for "X_IPSEC"
     
  • Without seeing more detail, one can only guess that you have another IPsec tunnel with a subnet in the Remote Gateway that overlaps a subnet in the Remote Gateway of this tunnel.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA