Hi,
I hope someboy has an idea and can help me out:
I already have users connecting to my Sophos UTM with IpSec using Sophos Connect client. Now I set up a new user, added him to the appropriate group and downloaded his connection details and the certificate from the user portal.
But Sophos connect is not able to connect to the firewall and alwas says: Child SA could not be established.
Has anybody an idea?
Here is the log:
2022:02:21-13:43:25 gateway pluto[6160]: added connection description "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3104: length of ISAKMP Message is smaller than minimum
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3104: sending notification PAYLOAD_MALFORMED to XXX:3104
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3105: received Vendor ID payload [XAUTH]
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3105: received Vendor ID payload [Dead Peer Detection]
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3105: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3105: received Vendor ID payload [RFC 3947]
2022:02:21-13:47:13 gateway pluto[6160]: packet from XXX:3105: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2022:02:21-13:47:13 gateway pluto[6160]: "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] XXX:3105 #6: responding to Main Mode from unknown peer XXX:3105
2022:02:21-13:47:13 gateway pluto[6160]: "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] XXX:3105 #6: NAT-Traversal: Result using RFC 3947: peer is NATed
2022:02:21-13:47:14 gateway pluto[6160]: | NAT-T: new mapping XXX:3105/3106)
2022:02:21-13:47:14 gateway pluto[6160]: "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] XXX:3106 #6: ignoring informational payload, type AUTHENTICATION_FAILED
2022:02:21-13:48:24 gateway pluto[6160]: "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] XXX:3106 #6: max number of retransmissions (2) reached STATE_MAIN_R2
2022:02:21-13:48:24 gateway pluto[6160]: "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] XXX:3106: deleting connection "D_REF_IpsRoaIpsecvpn_AaaUseDispo2-0"[1] instance with peer XXX {isakmp=#0/ipsec=#0}
Thanks in advance
Best
Steve
This thread was automatically locked due to age.