Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
785
Views
0
Helpful
0
Replies

RV110W site to site dropping

wilmoretc
Level 1
Level 1

‎09-17-2018 09:29 AM

I have a policy based site to site vpn to azure and it connects fine, but drops after like every hour and takes about 10 minutes to reconnect. I have tried a few configurations, but currently it is set as:

Phase 1:

encry - 3DES

auth - sha1

sa lifetime - 3600

DH group - 2

 

Phase 2:

encry - 3DES

integrity - sha1

sa lifetime - 28800

 

I get the below in logs:

137 2018-09-17 4:34:56 PM debug pluto[18632]: | *received pfkey message
138 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: [Vpn Redundancy]: [/tmp/ipsecvpn/[sss-to-Azure-S2S]_redundancy_dialed] not exist!! maybe first master connected!!
139 2018-09-17 4:34:56 PM info pluto[18632]: "sss-to-Azure-S2S" #1533: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x75c76eaa <0xb7836ed9 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}
140 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x75c76eaa <0xb7836ed9 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}
141 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
142 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME msgid=f2d6ec06
143 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: IKE message has the Commit Flag set but Pluto doesn't implement this feature; ignoring flag
144 2018-09-17 4:34:56 PM debug pluto[18632]: "sss-to-Azure-S2S" #1533: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP to replace #1532 {using isakmp#1531 msgid:f2d6ec06 proposal=3DES(3)_192-SHA1(2)_160 pfsgroup=no-pfs} 145 2018-09-17 4:34:46 PM debug pluto[18632]: "sss-to-Azure-S2S" #1531: received and ignored informational message
146 2018-09-17 4:34:46 PM debug pluto[18632]: "Msss-to-Azure-S2S" #1531: received Delete SA payload: replace IPSEC State #1532 in 10 seconds
147 2018-09-17 4:31:07 PM debug syslog: igmp-proxy *** WLAN:8 SIOWLANSNPDELGRP 224.0.0.251 <-> 88:e9:fe:e4:b:d
148 2018-09-17 4:29:45 PM debug pluto[18632]: | pluto: pfkey fd is 12
149 2018-09-17 4:29:45 PM debug pluto[18632]: | *received pfkey message
150 2018-09-17 4:29:45 PM debug pluto[18632]: | pluto: pfkey fd is 12

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents