Hi!
I have a couple of questions regarding issues with a failed attempt to create more than one tunnel to the same Cisco device.
First, if I ever use any interface other than eth1 to set up an IPSec tunnel, the ASG complains with:
2015:05:18-10:50:17 qfw1 pluto[30024]: ERROR: "S_REF_tunnelname_0" #557: sendto on ethX to X.X.X.X:500 failed in main_outI1. Errno 1: Operation not permitted
Please, how do I allow IKE out of any of the interfaces (except Internal)?
I have seen a few posts where the network definition binding the IPSec to a specific interface was the problem, but I've checked my Gateway configurations and I have Local interface "Any" on all of them.
Second, I have tried to set up a new IPSec tunnel with the same c2961, but I am attempting to use a different PSK and different interfaces (eth4 for peer and eth6 for host for the new tunnel, against eth1 for peer and private addresses for hosts in the existing tunnel).
I see this error in the logs:
2015:05:18-11:03:49 qfw1 pluto[30024]: "S_REF_NewTunnel_0" #737: Informational Exchange message is invalid because it has a Message ID of 0
Please, what could cause this problem and how can I fix it?
Thanks in advance!