Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP over IPSec VPN Fails to Connect

Running latest version of UTM and iOS.

2022:07:11-19:18:22 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122 #4: responding to Quick Mode
2022:07:11-19:18:22 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122 #4: IPsec SA established {ESP=>0x089d6f95 <0xc4961b9f DPD}
2022:07:11-19:18:42 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122 #3: received Delete SA(0x089d6f95) payload: deleting IPSEC State #4
2022:07:11-19:18:42 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122 #3: deleting connection "L_for scott"[2] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:18:42 Hillary-1 pluto[38611]: ERROR: asynchronous network error report on eth3 for message to 192.168.0.122 port 500, complainant 192.168.0.122: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2022:07:11-19:18:42 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122 #3: received Delete SA payload: deleting ISAKMP State #3
2022:07:11-19:18:42 Hillary-1 pluto[38611]: "L_for scott"[2] 192.168.0.122: deleting connection "L_for scott"[2] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:18:42 Hillary-2 pluto[58934]: "L_for scott"[2] 192.168.0.122: deleting connection "L_for scott"[2] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:18:42 Hillary-2 pluto[58934]: "L_for scott"[2] 192.168.0.122: deleting connection "L_for scott"[2] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:18:42 Hillary-1 pluto[38611]: ERROR: asynchronous network error report on eth3 for message to 192.168.0.122 port 500, complainant 192.168.0.122: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: received Vendor ID payload [RFC 3947]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: packet from 192.168.0.122:500: received Vendor ID payload [Dead Peer Detection]
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: responding to Main Mode from unknown peer 192.168.0.122
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: NAT-Traversal: Result using RFC 3947: no NAT detected
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: Peer ID is ID_IPV4_ADDR: '192.168.0.122'
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: Dead Peer Detection (RFC 3706) enabled
2022:07:11-19:18:54 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: sent MR3, ISAKMP SA established
2022:07:11-19:18:55 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #6: responding to Quick Mode
2022:07:11-19:18:55 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #6: IPsec SA established {ESP=>0x0b3d3d7c <0xefbbc301 DPD}
2022:07:11-19:19:15 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: received Delete SA(0x0b3d3d7c) payload: deleting IPSEC State #6
2022:07:11-19:19:15 Hillary-2 pluto[58934]: "L_for scott"[3] 192.168.0.122: deleting connection "L_for scott"[3] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:19:15 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: deleting connection "L_for scott"[3] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:19:15 Hillary-1 pluto[38611]: ERROR: asynchronous network error report on eth3 for message to 192.168.0.122 port 500, complainant 192.168.0.122: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2022:07:11-19:19:15 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122 #5: received Delete SA payload: deleting ISAKMP State #5
2022:07:11-19:19:15 Hillary-1 pluto[38611]: "L_for scott"[3] 192.168.0.122: deleting connection "L_for scott"[3] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:19:15 Hillary-2 pluto[58934]: "L_for scott"[3] 192.168.0.122: deleting connection "L_for scott"[3] instance with peer 192.168.0.122 {isakmp=#0/ipsec=#0}
2022:07:11-19:19:15 Hillary-1 pluto[38611]: ERROR: asynchronous network error report on eth3 for message to 192.168.0.122 port 500, complainant 192.168.0.122: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] 



This thread was automatically locked due to age.
Parents Reply Children