I've 3 astaro:
1/ asg_home is astaro 7.350 at home
2/ asg_dc is astaro 7.201 at Data Center
3/ asg_office is astaro 7.350 at Office
I've setup ipsec site-to-site vpns as follow:
a/ asg_office (initiate) asg_dc (respond only)
b/ asg_home (respond only) asg_office (initiate)
c/ asg_home (initiate) asg_dc (respond only)
a/ and b/ is working fine
but c/ is working partially check attached image..
and I get those errors in logs on the asg_dc (7.201) server:
2008:11:28-19:15:14 (none) pluto[13070]: "S_asg_home.domain.com_0"[2] 79.ip.hom.e22 #963: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xb4693855 (perhaps this is a duplicated packet)
2008:11:28-19:15:14 (none) pluto[13070]: "S_asg_home.domain.com_0"[2] 79.ip.hom.e22 #963: sending encrypted notification INVALID_MESSAGE_ID to 79.ip.hom.e22:500
2008:11:28-19:15:54 (none) pluto[13070]: "S_asg_home.domain.com_0"[2] 79.ip.hom.e22 #963: cannot respond to IPsec SA request because no connection is known for 192.168.2.0/24===217.ip.dc.100[@asg_dc.domain.com]...79.ip.hom.e22[@asg_home.domain.com]===192.168.1.0/24
2008:11:28-19:15:54 (none) pluto[13070]: "S_asg_home.domain.com_0"[2] 79.ip.hom.e22 #963: sending encrypted notification INVALID_ID_INFORMATION to 79.ip.hom.e22:500
what did I miss ?
