This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

site to site with Cisco 3030 concentrator

I'm running v.9.111.7 (as of yesterday). Since the upgrade to this patch to fix heartbleed, I've got 1 (out of 35) vpn tunnels that won't reestablish.

I don't have any evidence to suggest it's related to the patch, but neither I nor the network admin at the other end made any other changes in the last 24 hours.

The error I'm seeing in the UTM logs when the tunnel tries to come up is:

2014:04:11-10:09:59 qcpfw pluto[18134]: ERROR: "S_REF_IpsSitViaChristi_0" #200: sendto on eth0 to ***.***.***.***:500 failed in main_outI1. Errno 1: Operation not permitted

Again, 34 other site-to-site ipsec tunnels continue to work just fine.

Anyone have a clue what that error message might indicate?

This thread was automatically locked due to age.

Parents

0 BAlfson over 11 years ago

Sometimes, a definition gets damaged in an upgrade, so the easiest is to delete the IPsec Connection and Remote Gateway and then create them anew. Any luck with that?

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 11 years ago

Sometimes, a definition gets damaged in an upgrade, so the easiest is to delete the IPsec Connection and Remote Gateway and then create them anew. Any luck with that?

Cheers - Bob

Sorry for any short responses. Posted from my iPhone.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data