IPsec site 2 site vpn connectivity issue

Hi everyone, 

 

I am not able to connect the site-to-site IPsec VPN to my branch office, which has a SonicWall TZ300. A few days ago we changed the ISP and took a leased line connection. The VPN was working perfectly with the old ISP in Main Mode IKEv1, but it's not working with the new ISP. I have informed the ISP about the issue; they don't block any VPN port.

 

I went through the VPN log, but I can't understand the exact issue.

 

2018-07-19 10:39:04 24[IKE] <20861> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
2018-07-19 10:39:04 24[IKE] <20861> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
2018-07-19 10:39:04 24[IKE] <20861> 103.205.*.* is initiating a Main Mode IKE_SA
2018-07-19 10:39:04 24[ENC] <20861> generating ID_PROT response 0 [ SA V V V V ]
2018-07-19 10:39:04 24[NET] <20861> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)
2018-07-19 10:39:12 07[IKE] <VPN_PS-1|20849> sending retransmit 5 of request message ID 0, seq 1
2018-07-19 10:39:12 07[NET] <VPN_PS-1|20849> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (260 bytes)
2018-07-19 10:39:12 11[NET] <20861> received packet: from 103.205.*.*[500] to 114.143.*.*[500] (176 bytes)
2018-07-19 10:39:12 11[IKE] <20861> received retransmit of request with ID 0, retransmitting response
2018-07-19 10:39:12 11[NET] <20861> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)
2018-07-19 10:39:22 27[NET] <20861> received packet: from 103.205.*.*[500] to 114.143.*.*[500] (176 bytes)
2018-07-19 10:39:22 27[IKE] <20861> received retransmit of request with ID 0, retransmitting response
2018-07-19 10:39:22 27[NET] <20861> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)
2018-07-19 10:39:34 28[JOB] <20861> deleting half open IKE_SA with 103.205.*.* after timeout
2018-07-19 10:39:34 28[DMN] <20861> [GARNER-LOGGING] (child_alert) ALERT: IKE_SA timed out before it could be established
2018-07-19 10:39:42 25[NET] <20862> received packet: from 103.205.*.*[500] to 114.143.*.*[500] (176 bytes)
2018-07-19 10:39:42 25[ENC] <20862> parsed ID_PROT request 0 [ SA V V V V V ]
2018-07-19 10:39:42 25[ENC] <20862> received unknown vendor ID: 5b:36:2b:c8:20:f6:00:07
2018-07-19 10:39:42 25[IKE] <20862> received NAT-T (RFC 3947) vendor ID
2018-07-19 10:39:42 25[IKE] <20862> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
2018-07-19 10:39:42 25[IKE] <20862> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
2018-07-19 10:39:42 25[IKE] <20862> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
2018-07-19 10:39:42 25[IKE] <20862> 103.205.*.* is initiating a Main Mode IKE_SA
2018-07-19 10:39:42 25[ENC] <20862> generating ID_PROT response 0 [ SA V V V V ]
2018-07-19 10:39:42 25[NET] <20862> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)



  • Hi wajid,

    As per the logs shown, the packet was not responded to when sent from the XG. I would suggest checking with the remote location whether they have received the packets. If so, check the remote location; a change of the remote IP may need updating. If not, check with your ISP once again with proof.

    Packet captures at both locations should give you more hints about the issue.
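
The reading of the log given in the reply above, as an added example that is not part of the original thread: a Python script that groups the charon log lines by IKE_SA and counts the events that show which side's packets go unanswered. The function names and the wording of the diagnosis are assumptions of this example; the sample lines are a subset of the log posted above.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the log lines posted in this thread (addresses already masked).
SAMPLE_LOG = """\
2018-07-19 10:39:04 24[ENC] <20861> generating ID_PROT response 0 [ SA V V V V ]
2018-07-19 10:39:04 24[NET] <20861> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)
2018-07-19 10:39:12 07[IKE] <VPN_PS-1|20849> sending retransmit 5 of request message ID 0, seq 1
2018-07-19 10:39:12 07[NET] <VPN_PS-1|20849> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (260 bytes)
2018-07-19 10:39:12 11[NET] <20861> received packet: from 103.205.*.*[500] to 114.143.*.*[500] (176 bytes)
2018-07-19 10:39:12 11[IKE] <20861> received retransmit of request with ID 0, retransmitting response
2018-07-19 10:39:12 11[NET] <20861> sending packet: from 114.143.*.*[500] to 103.205.*.*[500] (156 bytes)
2018-07-19 10:39:22 27[IKE] <20861> received retransmit of request with ID 0, retransmitting response
2018-07-19 10:39:34 28[JOB] <20861> deleting half open IKE_SA with 103.205.*.* after timeout
"""

LINE = re.compile(r"^\S+ \S+ \d+\[[A-Z]+\] <(?P<sa>[^>]+)> (?P<msg>.*)$")  # date time thread[SUBSYS] <sa> msg

def summarize(log_text):
    """Count per-IKE_SA events that show which direction of the exchange stalls."""
    stats = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        sa, msg = m["sa"], m["msg"]
        if msg.startswith("sending packet:"):
            stats[sa]["sent"] += 1
        elif msg.startswith("received packet:"):
            stats[sa]["received"] += 1
        elif msg.startswith("received retransmit of request"):
            stats[sa]["peer_retransmits"] += 1
        elif msg.startswith("sending retransmit"):
            stats[sa]["own_retransmits"] += 1
        elif "deleting half open IKE_SA" in msg:
            stats[sa]["timed_out"] += 1
    return stats

def diagnose(s):
    """Map one SA's counters to a reading of the log (a heuristic, not a verdict)."""
    if s["peer_retransmits"] and s["sent"]:
        return "peer repeats its request although we answered: our replies are not arriving or not accepted"
    if s["own_retransmits"] and not s["received"]:
        return "our requests get no reply"
    return "no stall pattern seen"

if __name__ == "__main__":
    for sa, s in summarize(SAMPLE_LOG).items():
        print(sa, dict(s), "->", diagnose(s))
```

Both SAs in the sample stall on packets sent from the local gateway, which is why a packet capture at the remote end is the next check.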
