IPSec VPN - no connection has been authorized with policy=PUBKEY

My IPSec VPN tunnels suddenly disconnected yesterday. I checked why and could not determine the cause. I have regenerated the VPN signing CA but no success. And checked and rechecked the settings.

I am still getting the error: "initial Main Mode message received on <remote gateway IP address> but no connection has been authorized with policy=PUBKEY"

What have I missed? Why did it suddenly drop? What to do?

Just upgraded from 9.351-2(?) to 9.351-3, nothing changed.



  • I saw another thread where a person was having s2s VPN issues after updating to 9.351. As I recall, recreating the s2s config on the UTM resolved the issue. You may want to try this.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • On both UTMs I deleted both Connections and remote gateways. Created new RSA keys and reconfigured. But still "initial Main Mode message received on <responder UTM IP address>:500 but no connection has been authorized with policy=PUBKEY" in the responder's UTM log

    2015:11:10-20:17:03 fw pluto[2440]: | preparse_isakmp_policy: peer requests PUBKEY authentication
    2015:11:10-20:17:03 fw pluto[2440]: packet from <remote initiator UTM IP address>:51690: initial Main Mode message received on <responder UTM IP address>:500 but no connection has been authorized with policy=PUBKEY
  • Wow, I solved it. This issue has puzzled me almost the whole day. Finally, I checked the external IP address for my UTM VPN initiator using an internet web page and compared it with the external IP address in the web GUI. They were not the same!
    I am connected to the Internet using an LTE modem. After restarting the modem, the VPN tunnel automatically connected!


    Thanks for the help.
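
An added example, not part of the original thread or of Sophos' tooling: a Python check that reads responder-side pluto log lines like the ones quoted above and separates rejected Main Mode packets by whether their source address is a configured remote gateway, the kind of address mismatch the last post describes. The function name, the IP addresses (documentation ranges) and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Matches the pluto rejection line quoted in the thread (IPv4 only).
IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
REJECT_RE = re.compile(
    r"pluto\[\d+\]: packet from (?P<src>" + IPV4 + r"):\d+: "
    r"initial Main Mode message received on (?P<dst>" + IPV4 + r"):\d+ "
    r"but no connection has been authorized with policy=(?P<policy>\w+)"
)

# Constructed sample log; addresses are placeholders from documentation ranges.
SAMPLE_LOG = """\
2015:11:10-20:17:03 fw pluto[2440]: | preparse_isakmp_policy: peer requests PUBKEY authentication
2015:11:10-20:17:03 fw pluto[2440]: packet from 198.51.100.77:51690: initial Main Mode message received on 203.0.113.10:500 but no connection has been authorized with policy=PUBKEY
2015:11:10-20:17:43 fw pluto[2440]: packet from 198.51.100.77:51690: initial Main Mode message received on 203.0.113.10:500 but no connection has been authorized with policy=PUBKEY
2015:11:10-20:18:10 fw pluto[2440]: packet from 198.51.100.20:500: initial Main Mode message received on 203.0.113.10:500 but no connection has been authorized with policy=PUBKEY
"""


def classify_rejections(log_lines, configured_gateways):
    """Count rejected Main Mode packets per source address.

    'unknown_source': the packet came from an address that is not a
    configured remote gateway (e.g. the peer's public IP changed).
    'known_source': the address matches, so the cause lies elsewhere,
    such as the authentication type configured for that connection.
    """
    expected = {ipaddress.ip_address(g) for g in configured_gateways}
    unknown, known = Counter(), Counter()
    for line in log_lines:
        m = REJECT_RE.search(line)
        if not m:
            continue  # debug lines and unrelated messages
        src = ipaddress.ip_address(m.group("src"))
        (known if src in expected else unknown)[str(src)] += 1
    return {"unknown_source": dict(unknown), "known_source": dict(known)}


if __name__ == "__main__":
    # Assumption: the responder has one remote gateway defined, 198.51.100.20.
    result = classify_rejections(SAMPLE_LOG.splitlines(), ["198.51.100.20"])
    for bucket, counts in result.items():
        for ip, n in counts.items():
            print(f"{bucket}: {ip} rejected {n} time(s)")
```
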
