Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 6215 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM9 to Juniper SRX 100

Shway
I am having an issue connecting a Juniper SRX 100 to a Sophos UTM9 AWS instance. 

I am very new to Sophos and am unsure how to even get the output for the IPSEC tunnels. Please help!!


This thread was automatically locked due to age.
Parents
  • 0
    No Luck

    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [RFC 3947]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [699369228741c6d4ca094c93e242c9de19e7b7c60000000500000500]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: responding to Main Mode from unknown peer 216.123.159.210
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: Peer ID is ID_IPV4_ADDR: '216.123.159.210'
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: sent MR3, ISAKMP SA established
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #4: responding to Quick Mode
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: received Delete SA payload: deleting ISAKMP State #3
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: deleting connection "S_AllStream - Juniper"[1] instance with peer 216.123.159.210 {isakmp=#3/ipsec=#0}
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: received Vendor ID payload [Dead Peer Detection]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-01]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-02]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [RFC 3947]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [699369228741c6d4ca094c93e242c9de19e7b7c60000000500000500]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: responding to Main Mode from unknown peer 216.123.159.210
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: Peer ID is ID_IPV4_ADDR: '216.123.159.210'
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: sent MR3, ISAKMP SA established
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #6: responding to Quick Mode
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: received Delete SA payload: deleting ISAKMP State #5
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: deleting connection "S_AllStream - Juniper"[2] instance with peer 216.123.159.210 {isakmp=#5/ipsec=#0}


    Interesting thing though the Site-to-site VPN tunnel status is empty. The IPSEC connection isn't showing up there.
Reply
  • 0
    No Luck

    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [RFC 3947]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [699369228741c6d4ca094c93e242c9de19e7b7c60000000500000500]
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: responding to Main Mode from unknown peer 216.123.159.210
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: Peer ID is ID_IPV4_ADDR: '216.123.159.210'
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: sent MR3, ISAKMP SA established
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #4: responding to Quick Mode
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: received Delete SA payload: deleting ISAKMP State #3
    2013:06:26-12:38:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[1] 216.123.159.210 #3: deleting connection "S_AllStream - Juniper"[1] instance with peer 216.123.159.210 {isakmp=#3/ipsec=#0}
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: received Vendor ID payload [Dead Peer Detection]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-01]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-stenberg-ipsec-nat-traversal-02]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [RFC 3947]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: packet from 216.123.159.210:500: ignoring Vendor ID payload [699369228741c6d4ca094c93e242c9de19e7b7c60000000500000500]
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: responding to Main Mode from unknown peer 216.123.159.210
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: Peer ID is ID_IPV4_ADDR: '216.123.159.210'
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: sent MR3, ISAKMP SA established
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #6: responding to Quick Mode
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: received Delete SA payload: deleting ISAKMP State #5
    2013:06:26-12:39:52 AMZN-VPN001 pluto[4308]: "S_AllStream - Juniper"[2] 216.123.159.210 #5: deleting connection "S_AllStream - Juniper"[2] instance with peer 216.123.159.210 {isakmp=#5/ipsec=#0}


    Interesting thing though the Site-to-site VPN tunnel status is empty. The IPSEC connection isn't showing up there.
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML