Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2912 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN between ASG 220 and Watchguard Firebox X550e

Astaro-Germane
Hello,

i am trying to establishg a site to site VPN to a Watchguard but the only thing i get in the IPSec log is:

2010:08:09-11:17:56 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [Dead Peer Detection]
2010:08:09-11:17:56 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2010:08:09-11:17:56 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #344: responding to Main Mode
2010:08:09-11:17:58 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [Dead Peer Detection]
2010:08:09-11:17:58 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2010:08:09-11:17:58 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #345: responding to Main Mode
2010:08:09-11:18:01 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [Dead Peer Detection]
2010:08:09-11:18:01 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2010:08:09-11:18:01 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #346: responding to Main Mode
2010:08:09-11:18:04 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [Dead Peer Detection]
2010:08:09-11:18:04 (none) pluto[28923]: packet from 85.223.44.257:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2010:08:09-11:18:04 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #347: responding to Main Mode
2010:08:09-11:19:06 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #344: max number of retransmissions (2) reached STATE_MAIN_R1
2010:08:09-11:19:08 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #345: max number of retransmissions (2) reached STATE_MAIN_R1
2010:08:09-11:19:11 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #346: max number of retransmissions (2) reached STATE_MAIN_R1
2010:08:09-11:19:14 (none) pluto[28923]: "S_REF_GmqfTwuFIM_0" #347: max number of retransmissions (2) reached STATE_MAIN_R1

So it failes in a pretty early state of the whole process. I have never seen draft-ietf-ipsec-nat-t-ike-02_n in the log before and i don't know how to deal with it.

Unfortunately i cannot administrate the remote site.

The settings are:

IKE: AES 128, MD5, DH=Group 2 MODP 1024
IPSec: AES 128, MD5, no PFS.

Any ideas?

Thanks in advance


This thread was automatically locked due to age.
Parents Reply Children
No Data