IPSEC ERRORS tunnel stopped working
-
A business paprtner and I set up an IPSEC tunnel last Thursday and it has been working great all weekend. He is using a Sidewinder 7 and I am using Release 1.2 of PF Sense built on 1.2-RELEASE built on Sun Feb 24 17:13:15 EST 2008. Everything was working great until Sunday or Monday. I noticied that the Tunnel was down.
Here are the errors that we are recieving:
Sep 3 11:17:56 racoon: [Buiness Partner] : ERROR: 67.76.142.16 give up to get IPsec-SA due to time up to wait.
Sep 3 11:17:26 racoon: [Buiness Partner] : INFO: initiate new phase 2 negotiation: 208.17.66.204[0]<=>67.76.142.16[0]
Sep 3 11:17:19 racoon: [Buiness Partner] : ERROR: 67.76.142.16 give up to get IPsec-SA due to time up to wait.
Sep 3 11:16:49 racoon: [Buiness Partner] : INFO: initiate new phase 2 negotiation: 208.17.66.204[0]<=>67.76.142.16[0]The tunnel will not come back up. Neither of us have change anything on out firewall. Does any one have any thoughts.
The only change that I have made is that I have moved from a DELL SC440 to a DELL SC1500. The SC1500 has a raid controller with 2 groups of disk (3 9's and 2 18's each in it's own raid arrray. The on-board Intel adapter is working fine and the Intel 100 MB adapter is also working well. Past that there are no issues.
I have 8 tunnels and 3 are down two are experimental with remote clients using a vpn client and the other is my Business Partner. I need to get this issue resolved asap. any thoughs?
Ron Carter -
Hi,
First, what says the logs of the other side?
Regards
Heiko -
waiting to get word from by business partner
RC -
we might have the same issue… our band aid is to go into IPSEC, SAD , AND CLICK ON THE BOX WITH AN X AND DELETE ALL OF THEM...IN A FEW SECOND THE PING STARTS AGAIN..NOT SURE WHY..LOOKING INTO THIS
-
I have simular thing already have a post.
http://forum.pfsense.org/index.php/topic,12095.0.html