
VPN Problem

Hello together,

We have had strange behavior in the IPsec site-to-site VPN for some time.

Among other VPN connections there is one VPN with a local network on our side and on the other side are three remote networks. Nothing special. The VPN is authenticated with a PSK.

The VPN peer (Barracuda) on the other side is administered by a service provider.

The connection works for several days without problems. Then the connection breaks off and cannot be re-initialized by turning it off and on or the like.

If I delete the IPsec connection and create a new one, nothing happens. However, if I delete the associated remote gateway and then rebuild the remote gateway and the IPsec connection, the connection is immediately up and runs for several days without errors.

The other VPN connections on the same Sophos work in the meantime without any problems. Has anyone observed such behavior?


The Policy is like this


The UTM is running 9.506-2, but the same behavior was seen before.

The log file when the error exists:


2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3033: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3033: starting keying attempt 123 of an unlimited number
2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: initiating Main Mode to replace #3033
2018:04:12-11:57:55 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-11:57:55 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: starting keying attempt 124 of an unlimited number
2018:04:12-11:57:55 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3038: initiating Main Mode to replace #3037
2018:04:12-12:11:05 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3038: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-12:11:05 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3038: starting keying attempt 125 of an unlimited number
2018:04:12-12:11:05 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3039: initiating Main Mode to replace #3038
2018:04:12-12:24:15 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3039: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-12:24:15 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3039: starting keying attempt 126 of an unlimited number
2018:04:12-12:24:15 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3041: initiating Main Mode to replace #3039
2018:04:12-12:37:25 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3041: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-12:37:25 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3041: starting keying attempt 127 of an unlimited number
2018:04:12-12:37:25 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3043: initiating Main Mode to replace #3041

Nothing spectacular.


When the VPN runs again there is sometimes:

2018:04:12-16:39:04 fwXXX pluto[3606]: ERROR: "S_REF_IpsSitXXX-Seite_0" #3075: sendto on eth2 to 97.XX.XX.XX:500 failed in main_outI1. Errno 1: Operation not permitted

But now the VPN is built without any errors.

At any time the other side is reachable by ping (that means nothing, I know).


Sorry for my bad English.
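As an added example (not part of the post and not Sophos tooling), a small Python parser for the pluto log format quoted above: it counts the Main Mode (phase 1) retransmission timeouts per connection, the interval between them and any sendto errors, so a monitor can alert on a stuck tunnel instead of waiting for users to notice. The sample lines are constructed from the post's own format.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the Sophos UTM pluto log format shown in the post.
SAMPLE_LOG = """\
2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3033: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3033: starting keying attempt 123 of an unlimited number
2018:04:12-11:44:45 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: initiating Main Mode to replace #3033
2018:04:12-11:57:55 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2018:04:12-11:57:55 fwxxx pluto[3606]: "S_REF_IpsSitXXX-Seite_0" #3037: starting keying attempt 124 of an unlimited number
2018:04:12-16:39:04 fwXXX pluto[3606]: ERROR: "S_REF_IpsSitXXX-Seite_0" #3075: sendto on eth2 to 97.XX.XX.XX:500 failed in main_outI1. Errno 1: Operation not permitted
"""

# timestamp, host, pluto[pid], optional "ERROR:", quoted connection name, SA number, message
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2}) \S+ pluto\[\d+\]: '
    r'(?:ERROR: )?"(?P<conn>[^"]+)" #(?P<sa>\d+): (?P<msg>.*)$'
)

def parse_pluto(text):
    """Return (timestamp, connection, sa_number, message) tuples for matching lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # non-pluto or differently formatted line; ignored
        ts = datetime.strptime(m['ts'], '%Y:%m:%d-%H:%M:%S')
        events.append((ts, m['conn'], int(m['sa']), m['msg']))
    return events

def summarize(events, stuck_after=2):
    """Per connection: phase 1 timeouts, keying attempt numbers, gaps between
    timeouts in seconds, sendto errors, and a 'stuck' flag once the peer has
    ignored our first IKE message stuck_after times."""
    report = defaultdict(lambda: {'mm_timeouts': 0, 'attempts': [],
                                  'timeout_ts': [], 'sendto_errors': 0})
    for ts, conn, sa, msg in events:
        r = report[conn]
        if 'reached STATE_MAIN_I1' in msg:
            r['mm_timeouts'] += 1
            r['timeout_ts'].append(ts)
        elif msg.startswith('starting keying attempt'):
            r['attempts'].append(int(msg.split()[3]))
        elif 'sendto' in msg and 'Errno' in msg:
            r['sendto_errors'] += 1
    for r in report.values():
        t = r['timeout_ts']
        r['gap_seconds'] = [(b - a).total_seconds() for a, b in zip(t, t[1:])]
        r['stuck'] = r['mm_timeouts'] >= stuck_after
    return dict(report)
```

Run over a live log, a connection flagged `stuck` with a steady gap (here 790 s, i.e. 20 retransmissions plus the restart delay) is the pattern described in the post, and a non-zero `sendto_errors` count points at the local side (routing, interface or firewall) rather than the peer.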


  • Hello Ster,

    (This is a guess!) Can you have the other side change the anti-replay setting?

    Confirm that they have the same settings for NAT-T and DPD as you have.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA