IPSEC disconnect after 1 minute

IPsec
Log in to reply
  • D

    Goodmorning everyone
    I created an ipsec

    SITE 1:

    pfSense:

    2.3.4-RELEASE-p1 (amd64)
    built on Fri Jul 14 14:52:43 CDT 2017
    FreeBSD 10.3-RELEASE-p19

    SITE 2:

    ZYWALL USG 100

    This Vpn connects but after a minute I have a disconnection.

    This is the log

    Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3)
    Apr 3 12:14:23 charon 05[IKE] <con1|5> initiating Main Mode IKE_SA con1[5] to 93.186.247.188
    Apr 3 12:14:23 charon 05[ENC] <con1|5> generating ID_PROT request 0 [ SA V V V V V ]
    Apr 3 12:14:23 charon 05[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:14:24 charon 07[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
    Apr 3 12:14:24 charon 07[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:14:27 charon 09[IKE] <con1|5> sending retransmit 1 of request message ID 0, seq 1
    Apr 3 12:14:27 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:14:34 charon 09[IKE] <con1|5> sending retransmit 2 of request message ID 0, seq 1
    Apr 3 12:14:34 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:14:47 charon 15[IKE] <con1|5> sending retransmit 3 of request message ID 0, seq 1
    Apr 3 12:14:47 charon 15[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:15:10 charon 09[IKE] <con1|5> sending retransmit 4 of request message ID 0, seq 1
    Apr 3 12:15:10 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:15:39 charon 15[IKE] <con1|7> giving up after 5 retransmits
    Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3)
    Apr 3 12:15:39 charon 15[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
    Apr 3 12:15:39 charon 15[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
    Apr 3 12:15:39 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:15:43 charon 12[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
    Apr 3 12:15:43 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:15:51 charon 10[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
    Apr 3 12:15:51 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:15:52 charon 12[IKE] <con1|5> sending retransmit 5 of request message ID 0, seq 1
    Apr 3 12:15:52 charon 12[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:16:03 charon 10[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
    Apr 3 12:16:03 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:16:27 charon 12[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
    Apr 3 12:16:27 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:17:08 charon 12[IKE] <con1|5> giving up after 5 retransmits
    Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding
    Apr 3 12:17:09 charon 10[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
    Apr 3 12:17:09 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:18:24 charon 09[IKE] <con1|7> giving up after 5 retransmits
    Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3)
    Apr 3 12:18:24 charon 09[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
    Apr 3 12:18:24 charon 09[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
    Apr 3 12:18:24 charon 09[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:18:28 charon 16[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
    Apr 3 12:18:28 charon 16[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:18:36 charon 08[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
    Apr 3 12:18:36 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:18:49 charon 08[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
    Apr 3 12:18:49 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:19:12 charon 15[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
    Apr 3 12:19:12 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:19:54 charon 08[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
    Apr 3 12:19:54 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
    Apr 3 12:21:10 charon 15[IKE] <con1|7> giving up after 5 retransmits
    Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not responding

    Another strange thing

    From my Zywall I connect in ipsec to pfsense

    But from my pfsense if I click connect in IPSEC I can't connect

    Thank you all

    K 1 Reply 0
  • D

    6e2c4619-cdec-4112-a843-d88ebfd81ded-immagine.png

    After 60 seconds

    53e40e4b-5c50-4cf6-af70-fd106db2ce27-immagine.png

    0
  • K

    @danielino1981 said in IPSEC disconnect after 1 minute:

    ZYWALL USG 100

    Hi
    You need to check your ZyWALL USG 100 settings
    This device does not respond to requests (500 port)

    Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3)
Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3)
Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding
Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3)
Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not responding
    0
  • D

    Vpn started.
    In this moment work!
    Thanksss!

    0
  • D

    Another question.
    I have a client that connects from the outside, and needs to connect with a vpn to the existing ipsec.
    What vpn should I create on Pfsense?

    L2TP?

    Is there any guide?

    Thanks

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy