i have a problem getting my IPSec Site-to-Site VPN to work.
I have 2 Astaro 7 boxes with the one starting the connection being behind a router with ports 500 and 4500 forwarded. I have NAT translation activated an i´m using AES 256
this one is from the device that has the ports forwarded:
2008:05:20-18:58:52 (none) pluto[13262]: | *time to handle event
2008:05:20-18:58:52 (none) pluto[13262]: | event after this is EVENT_SHUNT_SCAN in 88 seconds
2008:05:20-18:58:52 (none) pluto[13262]: | handling event EVENT_RETRANSMIT for ***.***.***.*** "S_REF_dJGNAmdPfx_0" #1
2008:05:20-18:58:52 (none) pluto[13262]: | sending 216 bytes for EVENT_RETRANSMIT through eth1 to ***.***.***.***:500:
2008:05:20-18:58:52 (none) pluto[13262]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #1
2008:05:20-18:58:52 (none) pluto[13262]: | next event EVENT_RETRANSMIT in 40 seconds for #1
2008:05:20-18:58:55 (none) pluto[13262]: | name:
2008:05:20-18:58:55 (none) pluto[13262]: | 02 00 01 f4 3e 9c ef 1b 00 00 00 00 00 00 00 00
2008:05:20-18:58:55 (none) pluto[13262]: "S_REF_dJGNAmdPfx_0" #1: ERROR: asynchronous network error report on eth1 for message to ***.***.***.XX port 500, complainant ***.***.***.***: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
2008:05:20-18:58:55 (none) pluto[13262]: | next event EVENT_RETRANSMIT in 37 seconds for #1
2008:05:20-18:58:56 (none) pluto[13262]: |
2008:05:20-18:58:56 (none) pluto[13262]: | *received whack message
2008:05:20-18:58:56 (none) pluto[13262]: | kernel_alg_esp_auth_keylen(auth=1, sadb_aalg=2): a_keylen=16
anyone any ideas?
This thread was automatically locked due to age.
