IPSEC ERRORS tunnel stopped working
A business paprtner and I set up an IPSEC tunnel last Thursday and it has been working great all weekend. He is using a Sidewinder 7 and I am using Release 1.2 of PF Sense built on 1.2-RELEASE built on Sun Feb 24 17:13:15 EST 2008. Everything was working great until Sunday or Monday. I noticied that the Tunnel was down.
Here are the errors that we are recieving:
Sep 3 11:17:56 racoon: [Buiness Partner] : ERROR: 18.104.22.168 give up to get IPsec-SA due to time up to wait.
Sep 3 11:17:26 racoon: [Buiness Partner] : INFO: initiate new phase 2 negotiation: 22.214.171.124<=>126.96.36.199
Sep 3 11:17:19 racoon: [Buiness Partner] : ERROR: 188.8.131.52 give up to get IPsec-SA due to time up to wait.
Sep 3 11:16:49 racoon: [Buiness Partner] : INFO: initiate new phase 2 negotiation: 184.108.40.206<=>220.127.116.11
The tunnel will not come back up. Neither of us have change anything on out firewall. Does any one have any thoughts.
The only change that I have made is that I have moved from a DELL SC440 to a DELL SC1500. The SC1500 has a raid controller with 2 groups of disk (3 9's and 2 18's each in it's own raid arrray. The on-board Intel adapter is working fine and the Intel 100 MB adapter is also working well. Past that there are no issues.
I have 8 tunnels and 3 are down two are experimental with remote clients using a vpn client and the other is my Business Partner. I need to get this issue resolved asap. any thoughs?
First, what says the logs of the other side?
waiting to get word from by business partner
we might have the same issue… our band aid is to go into IPSEC, SAD , AND CLICK ON THE BOX WITH AN X AND DELETE ALL OF THEM...IN A FEW SECOND THE PING STARTS AGAIN..NOT SURE WHY..LOOKING INTO THIS
I have simular thing already have a post.