This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

packet from x.x.x.x:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN

Created a Site to Site iPSEC Policy Based VPN between Azure and Sophos UTM, I just followed this community.sophos.com/.../126995 but it somehow doesn't work. As i checked in the backlogs it shows as follows

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

uto[5871]: "S_REF_IpsSitConnecteas_0" #470: max number of retransmissions (20) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
2019:02:24-03:06:58 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #470: starting keying attempt 10 of an unlimited number
2019:02:24-03:06:58 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #485: initiating Main Mode to replace #470
2019:02:24-03:06:58 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:06:59 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:06:59 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: sending encrypted notification INVALID_MESSAGE_ID to :500
2019:02:24-03:07:02 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:02 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: sending encrypted notification INVALID_MESSAGE_ID to 1:500
2019:02:24-03:07:09 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:07:09 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:09 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: sending encrypted notification INVALID_MESSAGE_ID to :500
2019:02:24-03:07:24 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:24 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: sending encrypted notification INVALID_MESSAGE_ID to :500
2019:02:24-03:07:29 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:07:39 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:39 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:07:54 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #484: received Delete SA payload: deleting ISAKMP State #484
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: received Vendor ID payload [RFC 3947]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [FRAGMENTATION]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [Vid-Initial-Contact]
2019:02:24-03:07:54 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [IKE CGA version 1]
2019:02:24-03:07:54 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: responding to Main Mode
2019:02:24-03:07:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: NAT-Traversal: Result using RFC 3947: no NAT detected
2019:02:24-03:07:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Peer ID is ID_IPV4_ADDR: '13.82.199.211'
2019:02:24-03:07:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sent MR3, ISAKMP SA established
2019:02:24-03:07:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: cannot respond to IPsec SA request because no connection is known for 192.168.0.0/24===112.133.219.53[112.133.219.53]...13.82.199.211[13.82.199.211]===10.3.0.0/16
2019:02:24-03:07:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_ID_INFORMATION to 13.82.199.211:500
2019:02:24-03:07:56 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:56 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:07:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:07:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:00 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:00 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:07 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:07 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:08 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:08:22 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:22 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:37 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:37 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:49 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:08:52 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #486: received Delete SA payload: deleting ISAKMP State #486
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
2019:02:24-03:08:57 vpn pluto[5871]: packet from 1:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: received Vendor ID payload [RFC 3947]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [FRAGMENTATION]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [Vid-Initial-Contact]
2019:02:24-03:08:57 vpn pluto[5871]: packet from :500: ignoring Vendor ID payload [IKE CGA version 1]
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: responding to Main Mode
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: NAT-Traversal: Result using RFC 3947: no NAT detected
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Peer ID is ID_IPV4_ADDR: ''
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sent MR3, ISAKMP SA established
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: cannot respond to IPsec SA request because no connection is known for 192.168.0.0/24===112.133.219.53[112.133.219.53]...13.82.199.211[13.82.199.211]===10.3.0.0/16
2019:02:24-03:08:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_ID_INFORMATION to 13.82.199.211:500
2019:02:24-03:08:58 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:58 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:08:59 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:08:59 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:02 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:02 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:09 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:09 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:24 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:24 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:29 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:09:40 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:40 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: received Vendor ID payload [RFC 3947]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [FRAGMENTATION]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [Vid-Initial-Contact]
2019:02:24-03:09:55 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring Vendor ID payload [IKE CGA version 1]
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: responding to Main Mode
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #487: received Delete SA payload: deleting ISAKMP State #487
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: NAT-Traversal: Result using RFC 3947: no NAT detected
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Peer ID is ID_IPV4_ADDR: '13.82.199.211'
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sent MR3, ISAKMP SA established
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: cannot respond to IPsec SA request because no connection is known for 192.168.0.0/24===112.133.219.53[112.133.219.53]...13.82.199.211[13.82.199.211]===10.3.0.0/16
2019:02:24-03:09:55 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_ID_INFORMATION to 13.82.199.211:500
2019:02:24-03:09:56 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:56 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:09:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:09:57 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:10:00 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:10:00 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:10:07 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:10:07 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:10:09 vpn pluto[5871]: packet from 13.82.199.211:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2019:02:24-03:10:22 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:10:22 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500
2019:02:24-03:10:37 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
2019:02:24-03:10:37 vpn pluto[5871]: "S_REF_IpsSitConnecteas_0" #488: sending encrypted notification INVALID_MESSAGE_ID to 13.82.199.211:500

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



This thread was automatically locked due to age.
  • This is a good question for Sophos Support.   Since you are running on AWS, I assume that you have support.

    The evidence of the problem is pretty obvious, but some expertise is needed to understand the configuration error that is causing it.   Please share the result when you succeed.

  • I have no clue fixing this issue, please assist me in solving this issue

    I have already shared the logs and what else would you require to understand the issue, please be precise on what information you needed from me.

     

    Note: The environment is not for AWS and it is for Azure.

  • Hi Sujithkumar and welcome to the UTM Community!

    UTM IPsec does not support IKEv2, so you can't use Azure Dynamic.  If that's not your problem, You should do as Doug suggested and get a case open with Sophos Support.  This community is primarily user-to-user helpers and is not a gateway to official support.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA