I have an asl 4.23 to asl 5.024 ipsec point to point connection. Rather i HAD one. After upgrading to 5.024 on one side i can no longer establish the point to point connection. One side is behind a dynamic connection and the other side is behind a static ip.
my logs show as follows:
000
000 "S_nj2nyc_0": 192.168.2.0/24===138.89.177.134[@xxx.com]...66.58.18.154===192.168.3.0/24
000 "S_nj2nyc_0": CAs: '%any'...'%any'
000 "S_nj2nyc_0": ike_life: 7800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "S_nj2nyc_0": policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS; interface: ; unrouted
000 "S_nj2nyc_0": newest ISAKMP SA: #0; newest IPsec SA: #0; eroute owner: #0
000 "S_nj2nyc_0": IKE algorithms wanted: 5_000-1-5, flags=-strict
000 "S_nj2nyc_0": IKE algorithms found: 5_192-1_128-5,
000 "S_nj2nyc_0": ESP algorithms wanted: 3_000-1, ; pfsgroup=5; flags=-strict
000 "S_nj2nyc_0": ESP algorithms loaded: 3_168-1_128,
the first major problem i see is the fact that my ip on my dynamic side is 141.150.20.xx not 138.89.177.xx as listed ??
i have tried rebooting both asl machines as well as restarting the ipsec connections on both sides?? can any one help me fix this?? is this an issue with 5.024??
also my external interface shows the correct ip of 141.150.20.xx
thanks
asher
This thread was automatically locked due to age.
