4. Azure Ipsec tunnels ERROR: failed to get sainfo.

Azure Ipsec tunnels ERROR: failed to get sainfo.

  • G

    I'm trying to get 4 tunnels running between azure and pfsense. They seem to working, I can ping etc but the connection keeps momentarily dropping all the time.

    The network in Azure is as follows:

    Address space:

    10.0.0.0/16

    Subnets:

    Az1: 10.0.1.0/21
    Az2: 10.0.8.0/21
    Az3: 10.0.128.0/21

    The local subnets are:

    L1: 10.1.0.0/24
    L2: 192.168.1.0/24
    L3: 192.168.2.0/24

    And I want the following tunnels:

    Az1 <-> L2
    Az2 <-> L1
    Az3 <-> L2
    Az3 <-> L3

    In the verbose ipsec logs it's complaining about mismatching subnets:

    Oct 17 13:23:44	racoon: DEBUG: getsainfo params: loc='10.1.0.0/24' rmt='10.0.0.0/16' peer='1.1.1.1' client='1.1.1.1' id=1
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='10.1.0.0/24', rmt='10.0.8.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.0.0.0/16'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '10.0.8.0/21'
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='10.0.128.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '192.168.1.0/24'
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='192.168.2.0/24', rmt='10.0.128.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '192.168.2.0/24'
Oct 17 13:23:44	racoon: ERROR: failed to get sainfo.
Oct 17 13:23:44	racoon: ERROR: failed to get sainfo.
Oct 17 13:23:44	racoon: [azure]: [1.1.1.1] ERROR: failed to pre-process ph2 packet [Check Phase 2 settings, networks] (side: 1, status: 1).
Oct 17 13:23:44	racoon: DEBUG: IV freed

Can anyone see what's wrong? I want to start doing some large data transfers to Azure but can't if the tunnels keep dropping![/azure]
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy