Hello,
I'm troubleshooting Site to Site VPN connection for 2-3 weeks already and still didn't find solution. We have S2S connection between our head office and remote site and connection was working fine for 3 years and now just stopped working. I reached out to our ISP providers to check if they are blocking IP address on port 500 and as they confirmed everything is open on their end.
Since we have 2 interfaces on both sites (primary internet line and slower backup line) i tried to establish connection with another interfaces and that worked without a problem. I was able to connect main office primary line with remote office slower backup line and vice versa, but we need maximum from our tunnel and we would like to get primary lines connected.
I ran live logs on both ends and only what i notice is on remote site:
2018:12:03-22:13:14 gatewaycham pluto[12756]: "S_stayner respond"[1] 20.80.101.78 #2: responding to Main Mode from unknown peer 20.80.101.78
2018:12:03-22:13:44 gatewaycham pluto[12756]: "S_stayner respond"[1] 20.80.101.78 #1: max number of retransmissions (2) reached STATE_MAIN_R1
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: received Vendor ID payload [strongSwan]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: ignoring Vendor ID payload [Cisco-Unity]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: received Vendor ID payload [XAUTH]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: received Vendor ID payload [Dead Peer Detection]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: received Vendor ID payload [RFC 3947]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2018:12:03-22:13:54 gatewaycham pluto[12756]: packet from 20.80.101.78:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2018:12:03-22:13:54 gatewaycham pluto[12756]: "S_stayner respond"[1] 20.80.101.78 #3: responding to Main Mode from unknown peer 20.80.101.78
2018:12:03-22:14:24 gatewaycham pluto[12756]: "S_stayner respond"[1] 20.80.101.78 #2: max number of retransmissions (2) reached STATE_MAIN_R1
Thank you,
Denis
This thread was automatically locked due to age.