Sophos UTM9 to Juniper SRX 100

I am having an issue connecting a Juniper SRX 100 to a Sophos UTM9 AWS instance. 

I am very new to Sophos and am unsure how to even get the output for the IPSEC tunnels. Please help!!


  • Hi, Shway, and welcome to the User BB!

    Please disable debugging.  Then, disable the IPsec Connection, start the IPsec Live Log and enable the Connection.  Show us the lines from a single attempt to establish a tunnel.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi, Shway, and welcome to the User BB!

    Please disable debugging.  Then, disable the IPsec Connection, start the IPsec Live Log and enable the Connection.  Show us the lines from a single attempt to establish a tunnel.

    Cheers - Bob


    Here ya go. Thanks for helping me scale down the logs


    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: loading secrets from "/etc/ipsec.secrets"
    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: loaded PSK secret for 192.168.120.228 216.123.159.210
    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: added connection description "S_AllStream - Juniper"
    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #1: initiating Main Mode
    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: added connection description "X_AllStream - Juniper"
    2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    2013:06:26-09:36:19 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    2013:06:26-09:36:38 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: received Vendor ID payload [Dead Peer Detection]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-01]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-02]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [RFC 3947]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring Vendor ID payload [699369228741c6d4ca094c93e242c9de19e7b7c60000000500000500]
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: responding to Main Mode
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: Peer ID is ID_IPV4_ADDR: '216.123.159.210'
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: sent MR3, ISAKMP SA established
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #3: responding to Quick Mode
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: received Delete SA payload: deleting ISAKMP State #2
    2013:06:26-09:37:19 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
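
Added example, not part of the original posts: a small Python triage helper for a pluto capture like the one above. For each state (`#N`) it reports the role, whether the ISAKMP SA came up, whether the peer deleted it, and it counts the notifies the peer sent. The name `summarize` and the record keys are hypothetical; the "IPsec SA established" marker for a completed Quick Mode is pluto's usual success text and is an assumption here, since it never appears in this log.

```python
import re
from collections import Counter

# Excerpt of the pluto lines posted in this thread (not the full capture).
SAMPLE = """\
2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #1: initiating Main Mode
2013:06:26-09:36:08 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: responding to Main Mode
2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: sent MR3, ISAKMP SA established
2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #3: responding to Quick Mode
2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: received Delete SA payload: deleting ISAKMP State #2
2013:06:26-09:37:19 AMZN-VPN001 pluto[21517]: packet from 216.123.159.210:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
"""

LINE = re.compile(r'^\S+ \S+ pluto\[\d+\]: (.*)$')
STATE = re.compile(r'^"([^"]+)" #(\d+): (.*)$')
NOTIFY = re.compile(r'^packet from ([\d.]+):\d+: ignoring informational payload, type (\w+)$')
MODE = re.compile(r'^(initiating|responding to) (Main|Quick) Mode')

def summarize(text):
    """Return (states, notifies): per-state progress and peer notify counts."""
    states, notifies = {}, Counter()
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1)
        peer = NOTIFY.match(msg)
        if peer:
            # Logged with "packet from", i.e. without a connection/state prefix.
            notifies[peer.groups()] += 1
            continue
        st = STATE.match(msg)
        if not st:
            continue
        conn, num, event = st.group(1), int(st.group(2)), st.group(3)
        rec = states.setdefault(num, {"conn": conn, "role": None, "exchange": None,
                                      "phase1_up": False, "ipsec_up": False,
                                      "deleted_by_peer": False})
        mode = MODE.match(event)
        if mode:
            rec["role"] = "initiator" if mode.group(1) == "initiating" else "responder"
            rec["exchange"] = mode.group(2) + " Mode"
        rec["phase1_up"] |= "ISAKMP SA established" in event
        rec["ipsec_up"] |= "IPsec SA established" in event  # assumed Quick Mode success text
        rec["deleted_by_peer"] |= "received Delete SA payload" in event
    return states, notifies

if __name__ == "__main__":
    states, notifies = summarize(SAMPLE)
    for num, rec in sorted(states.items()):
        print(num, rec)
    print(dict(notifies))
```

On the excerpt, state #1 (UTM as initiator) never establishes, state #2 (UTM as responder) establishes and is then deleted by the peer, and state #3 never reaches an IPsec SA.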