Good evening everyone,
I'm asking here because it looks like to open a ticket in the Sophos portal I have to pay even though I have a subscription.
For a very long time we had a site-to-site VPN with AWS, this stopped working for few days ago.
I've tried to recreate the VPN from scratch without any success, in the logs I see this recurrent error:
2024:09:20-14:36:26 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #193: starting keying attempt 6 of an unlimited number
2024:09:20-14:36:26 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #194: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #193 {using isakmp#182}
2024:09:20-14:36:26 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #194: our client ID returned doesn't match my proposal
2024:09:20-14:36:26 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #194: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:4500
2024:09:20-14:36:36 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #182: ignoring informational payload, type PAYLOAD_MALFORMED
2024:09:20-14:36:56 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #182: ignoring informational payload, type PAYLOAD_MALFORMED
2024:09:20-14:37:36 remote pluto[13853]: "S_REF_IpsAmaVpn0176f51_0" #194: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
And the IKE phase 2 fails.
System details are:
Model: SG115
Subscriptions: Base Functionality,Network Protection, Wireless Protection
Current firmware version: 9.719-3
Current pattern version: 245109
Is this a know issue?
Thank you very much for any hint
_
Fabio