IPSEC disconnect after 1 minute
-
Goodmorning everyone
I created an ipsecSITE 1:
pfSense:
2.3.4-RELEASE-p1 (amd64)
built on Fri Jul 14 14:52:43 CDT 2017
FreeBSD 10.3-RELEASE-p19SITE 2:
ZYWALL USG 100
This Vpn connects but after a minute I have a disconnection.
This is the log
Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3)
Apr 3 12:14:23 charon 05[IKE] <con1|5> initiating Main Mode IKE_SA con1[5] to 93.186.247.188
Apr 3 12:14:23 charon 05[ENC] <con1|5> generating ID_PROT request 0 [ SA V V V V V ]
Apr 3 12:14:23 charon 05[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:14:24 charon 07[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
Apr 3 12:14:24 charon 07[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:14:27 charon 09[IKE] <con1|5> sending retransmit 1 of request message ID 0, seq 1
Apr 3 12:14:27 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:14:34 charon 09[IKE] <con1|5> sending retransmit 2 of request message ID 0, seq 1
Apr 3 12:14:34 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:14:47 charon 15[IKE] <con1|5> sending retransmit 3 of request message ID 0, seq 1
Apr 3 12:14:47 charon 15[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:15:10 charon 09[IKE] <con1|5> sending retransmit 4 of request message ID 0, seq 1
Apr 3 12:15:10 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:15:39 charon 15[IKE] <con1|7> giving up after 5 retransmits
Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3)
Apr 3 12:15:39 charon 15[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
Apr 3 12:15:39 charon 15[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
Apr 3 12:15:39 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:15:43 charon 12[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
Apr 3 12:15:43 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:15:51 charon 10[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
Apr 3 12:15:51 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:15:52 charon 12[IKE] <con1|5> sending retransmit 5 of request message ID 0, seq 1
Apr 3 12:15:52 charon 12[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:16:03 charon 10[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
Apr 3 12:16:03 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:16:27 charon 12[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
Apr 3 12:16:27 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:17:08 charon 12[IKE] <con1|5> giving up after 5 retransmits
Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding
Apr 3 12:17:09 charon 10[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
Apr 3 12:17:09 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:18:24 charon 09[IKE] <con1|7> giving up after 5 retransmits
Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3)
Apr 3 12:18:24 charon 09[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
Apr 3 12:18:24 charon 09[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
Apr 3 12:18:24 charon 09[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:18:28 charon 16[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
Apr 3 12:18:28 charon 16[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:18:36 charon 08[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
Apr 3 12:18:36 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:18:49 charon 08[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
Apr 3 12:18:49 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:19:12 charon 15[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
Apr 3 12:19:12 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:19:54 charon 08[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
Apr 3 12:19:54 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
Apr 3 12:21:10 charon 15[IKE] <con1|7> giving up after 5 retransmits
Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not respondingAnother strange thing
From my Zywall I connect in ipsec to pfsense
But from my pfsense if I click connect in IPSEC I can't connect
Thank you all
-
After 60 seconds
-
@danielino1981 said in IPSEC disconnect after 1 minute:
ZYWALL USG 100
Hi
You need to check your ZyWALL USG 100 settings
This device does not respond to requests (500 port)Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3) Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3) Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3) Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not responding
-
Vpn started.
In this moment work!
Thanksss! -
Another question.
I have a client that connects from the outside, and needs to connect with a vpn to the existing ipsec.
What vpn should I create on Pfsense?L2TP?
Is there any guide?
Thanks