Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 2695 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec VPN disconnections Message ID: 18055 and Error: EPR_VPN-1 - IKE message retransmission timed out

Patrick Hayden

Various users are being regularly disconnected from their IPsec VPN, using the Sophos Client.

Users see an error "Connection may fail. The IKE UDP port seems to be blocked"

They will usually be able to reconnect within five minutes.

On the logs I can see "Message ID:  18055 and Error: EPR_VPN-1 - IKE message retransmission timed out (Remote: x.x.x.x)" where the x is the public IP address of the end user.

I'm struggling to imagine that there is an issue with ports being blocked as the VPN will generally connect but just kicks people of a few times a day.

Firewall: XG115 (SFOS 18.5.2 MR-2-Build380) C19107KT96Q4G75



This thread was automatically locked due to age.
  • 0

    Hi Patrick Hayden

    Have you recently made any changes on L2TP VPN or enable L2TP VPN  and after that IPSec VPN remote user getting disconnected frequently ?

    Thanks and regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Hi Bharat, I'm fairly sure there have been no recent changes as they would likely have gone through me.

    Is there any likely configuration issue that would cause this?

  • 0

    Hi : Are there any common pattern observations during user disconnection time? Like for all users who face disconnection there are any rekey events or etc? 

    Are you using OTP with Sophos connect client? 

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Hi Vishal,

    I haven't been able to spot any patterns but that doesn't rule it out. However users rarely seem to disconnect at the same time if that means anything.

    They are not using OTP. AD synced usernames, passwords with a PSK.

  • 0 in reply to Patrick Hayden

    Hi Patrick Hayden 

    Please go to Configure --->VPN-->IPSec VPN connection and let me know if any tunnel is configured?

    Please go to Configure --->VPN-->L2TP VPN (remote access )and can you share a snapshot 

    Please go to Protect --->Intrustion Prevention --->DoS attack share the snapshot for the current status?

    Please go to Configure --->Authetication --->Servers?

    Please go to Configure --->Authetication --->Services --->VPN (IPsec/L2TP/PPTP) authentication methods status ?

    Please go to Configure --->Authetication --->Multi-factor Authentication and share the snapshot for the same ? 

    Please check admin logs in case any changes and causing the issue?

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?