
Site2Site VPN connection drops

Hello everyone,

for some time now, the drops of our Sophos <=> Cisco VPN connection over a Telekom CompanyConnect line have been piling up. Attached is the log of the most recent drop from this morning. On some days this happens up to 10 times spread over the day :-(

//

018:01:05-08:16:10 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: initiating Main Mode to replace #7934

2018:01:05-08:29:10 utm-pe-mg pluto[5757]: ERROR: asynchronous network error report on eth3 for message to xxxxxxx port 500, complainant xxxxxx: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message

2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: starting keying attempt 26 of an unlimited number

2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7937: initiating Main Mode to replace #7936

2018:01:05-08:29:27 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe2_0" #7874: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x20ad50a9) not found (maybe expired)

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxx:500: ignoring Vendor ID payload [810fa565f8ab14369105d706fbd57279]

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [RFC 3947]

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: packet from xxxxxxxxx:500: received Vendor ID payload [Dead Peer Detection]

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: responding to Main Mode

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: ignoring Vendor ID payload [KAME/racoon]

2018:01:05-08:29:28 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: NAT-Traversal: Result using RFC 3947: no NAT detected

2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: Peer ID is ID_IPV4_ADDR: xxxxxxxxx

2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: Dead Peer Detection (RFC 3706) enabled

2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: sent MR3, ISAKMP SA established

2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: ignoring informational payload, type IPSEC_INITIAL_CONTACT

2018:01:05-08:29:30 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7939: responding to Quick Mode

2018:01:05-08:29:30 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7939: IPsec SA established {ESP=>0x0ace0ca0 <0x726b87a5 DPD}

2018:01:05-08:30:40 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7933: DPD: Phase1 state #7933 has been superseded by #7938 - timeout ignored

2018:01:05-08:36:08 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunlemgone_0" #7940: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #7932 {using isakmp#7917}

2018:01:05-08:36:08 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunlemgone_0" #7940: sent QI2, IPsec SA established {ESP=>0x85b885ba <0x2525375b DPD}

 //

Does anyone here have an idea where the fault could be??

Thanks in advance

Michael
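
Added example, not part of the original post: a small Python triage script for pluto log lines like the ones above. It groups IKE events per tunnel so that a connection that never gets an answer to its first Main Mode message stands out from tunnels that rekeyed normally. The function names, event labels and the "(no tunnel name)" bucket are assumptions made for this example; the sample lines are copied from the post's log.

```python
import re
from collections import Counter, defaultdict

# Sample lines copied from the log in the post (peer addresses were already masked there).
SAMPLE_LOG = """\
2018:01:05-08:29:10 utm-pe-mg pluto[5757]: ERROR: asynchronous network error report on eth3 for message to xxxxxxx port 500, complainant xxxxxx: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:01:05-08:29:20 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunbielefe_0" #7936: starting keying attempt 26 of an unlimited number
2018:01:05-08:29:29 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7938: sent MR3, ISAKMP SA established
2018:01:05-08:29:30 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunddorfne_0" #7939: IPsec SA established {ESP=>0x0ace0ca0 <0x726b87a5 DPD}
2018:01:05-08:36:08 utm-pe-mg pluto[5757]: "S_REF_IpsSitTunlemgone_0" #7940: sent QI2, IPsec SA established {ESP=>0x85b885ba <0x2525375b DPD}
"""

# timestamp, host, pluto[pid]:, optional '"connection" #state:' prefix, then the message
LINE = re.compile(r'^\S+ \S+ pluto\[\d+\]: (?:"([^"]+)" #\d+: )?(.*)$')
ATTEMPT = re.compile(r"starting keying attempt (\d+)")
# Event label (hypothetical name) -> substring that identifies it in the message
EVENTS = {
    "ike_no_response": "max number of retransmissions",
    "icmp_port_unreachable": "ICMP type 3 code 3",
    "phase1_up": "ISAKMP SA established",
    "phase2_up": "IPsec SA established",
}

def summarize(log_text):
    """Return ({tunnel: Counter(events)}, {tunnel: highest keying attempt seen})."""
    events, attempts = defaultdict(Counter), {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and "//" separators
        tunnel, msg = m.group(1) or "(no tunnel name)", m.group(2)
        for label, needle in EVENTS.items():
            if needle in msg:
                events[tunnel][label] += 1
        a = ATTEMPT.search(msg)
        if a:
            attempts[tunnel] = max(attempts.get(tunnel, 0), int(a.group(1)))
    return dict(events), attempts

def failing_tunnels(log_text):
    """Tunnels with unanswered Main Mode attempts and no SA established in the window."""
    events, _ = summarize(log_text)
    return sorted(t for t, c in events.items()
                  if c["ike_no_response"] and not (c["phase1_up"] or c["phase2_up"]))

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG), failing_tunnels(SAMPLE_LOG))
```

On the sample lines only "S_REF_IpsSitTunbielefe_0" is reported as failing, at keying attempt 26, while the other two tunnels establish their SAs in the same window.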



This thread was automatically locked due to age.
Parents
  • Hallo Michael,

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    What do you see when you experience these "Abbrüche" - is the tunnel still up but no data passes?

    Regards - Bob (Please continue in German.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

    Yes, the status in the UTM still shows green, but access to a terminal server via RDP drops or tries to reconnect.

    Regards

    Michael

  • That sounds like the anti-replay setting.  You may need to get Sophos Support involved and immediately request escalation.  First, what happens if you disable anti-replay on the Cisco or, if already disabled, you enable it?

    Regards - Bob (Please continue in German.)