I'm having an issue with a VPN STS tunnel. After a power outage, when the UTM came up, the tunnel is not being established:
2013:12:27-17:56:33 inecoorono pluto[5577]: loading secrets from "/etc/ipsec.secrets"
2013:12:27-17:56:33 inecoorono pluto[5577]: loaded PSK secret for 201.212.109.*** 181.15.184.***
2013:12:27-17:56:33 inecoorono pluto[5577]: added connection description "S_REF_IpsSitIcr_0"
2013:12:27-17:56:33 inecoorono pluto[5577]: "S_REF_IpsSitIcr_0" #1: initiating Main Mode
2013:12:27-17:56:33 inecoorono pluto[5577]: ERROR: "S_REF_IpsSitIcr_0" #1: sendto on eth1 to 181.15.184.***:500 failed in main_outI1. Errno 1: Operation not permitted
2013:12:27-18:09:44 inecoorono pluto[5577]: "S_REF_IpsSitIcr_0" #1: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2013:12:27-18:09:44 inecoorono pluto[5577]: "S_REF_IpsSitIcr_0" #1: starting keying attempt 2 of an unlimited number
2013:12:27-18:09:44 inecoorono pluto[5577]: "S_REF_IpsSitIcr_0" #2: initiating Main Mode to replace #1
And that's it. The only thing different from before the reboot is that the public IP changed.
All the definitions (remote network, remote gateway) are not bound to a specific interface (they're all in "any").
No packets reach the other side of the tunnel.
Also, I find it interesting that it's not resolving the tunnel name correctly in the logs, showing that "REF_random", and when I open the livelog now it shows "S_ correct name".
I've disabled/enabled the tunnel and nothing changes. In fact, now it doesn't even give that error; it stays on ""S_Tunel a ICR" #1: initiating Main Mode".