Hey all,
I've recently done a fresh UTM 9 install into my VMWare environment and run into an issue with the IPSec VPN for a site to site link.
I'm using certificate based IPSec due to a dynamic IP on one end, the VPN tunnel came up ok last night and was working this morning till some the service's IP changed. I fixed up the dyndns on the remote end and the tunnel came up ok but then dropped after a few minutes. Looking in the Astaro logs it simply said that pluto had shut down.
I turned that tunnel off and on via both the Astaro and the remote end (note that the remote end is servicing other IPSec tunnels without issue) and recreated the configuration on the Astaro end and it just doesn't do anything. Nothing comes up in the IPSec logs.
Tried a restart of the unit and again nothing started up. My final solution was to roll back to an earlier config and reboot which brought it online. However the same issue has happened again which doesn't make any sense. Nothing appears in the logs and it just doesn't start the tunnel.
It doesn't even list it as trying within the interface (Site to Site VPN main heading). It simply lists "There is no Site-to-site VPN status information available". When it was down this morning at least it showed that there was a tunnel there but down.
Has anyone come across this? I really don't want to have to keep restoring the config and rebooting to fix it but I am a little confused as to why it is failing in this way.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
