News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  VPN
linktree Topic: Stubborn IPSEC VPN m0n0 <-> mono
Pages: [1]
Topic: Stubborn IPSEC VPN m0n0 <-> mono  (Read 2212 times)
« on: June 09, 2007, 09:45:11 »
rudivd *
Posts: 8
Hi all,

I have a VPN configured between 2 m0n0s on 4801 soekri running 1.231.
The one monowall has a number of vpns running without problems, all pre-
shared keys. If I install another remote office and add another vpn, this one
does work SOMETIMES....

The weird thing is that I cannot get up that particular VPN from the headoffice.
It keeps telling me in the log:
racoon: ERROR: phase1 negotiation failed due to time up. cccab1a3eb8d960d:0000000000000000

Things I'm sure of: Settings are the same on both sides, key is the same.
subnet masks are OK

If from the remote side try to get the VPN up, it sometimes (?!) works ....
I use aggesive mode, but main mode has the same issue.

The weird thing is that building up the VPN from one side works (kinda), from
the otherside doesn't... Also I cannot find anything wrong as I have a number
of VPNs running from the headoffices in the same fashion, that I can build up
without problems from both sides...

Any thoughts on this will be appriciated.
Rudi
« Reply #1 on: June 10, 2007, 13:36:18 »
rudivd *
Posts: 8
Hi all

Found the problem. The ADSL modem on the branch office did have an additional
firewall thet prevented incomming sessions. I did not think of that because it was
a new type of modem. (thomson 546, using the sip_spoof method).
Now that I completely disabled the firewall everything works.

Sorry for using the bandwith.

Rudi
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines