Hi All,
We replaced our clients cisco router with a HUAWEI AR2220E, but we are now unable to utililse the IPSEC VPN that was working previously. It looks to not even initiate Phase 1 - the IPSEC VPN is being initiated on a Sophos UTM.
Here is output of the log from the UTM (not debug), but can provide that is it will assist;
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: adding interface eth0/eth0 10.10.0.254:4500
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: adding interface lo/lo 127.0.0.1:500
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: adding interface lo/lo 127.0.0.1:4500
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: adding interface lo/lo ::1:500
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: loading secrets from "/etc/ipsec.secrets"
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: loaded PSK secret for 220.x.x.227 59.x.x.130
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: HA System: not master, won't listen for IKE messages
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: added connection description "S_Bxx IpSec Connection"
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: added connection description "S_Bxx IpSec Connection"
2017:12:14-09:11:55 bcmutm-2 pluto[3417]: Pluto is now in slave mode
2017:12:14-09:12:05 bcmutm-1 pluto[18859]: "S_BxxIpSec Connection" #1: discarding duplicate packet; already STATE_MAIN_I3
2017:12:14-09:12:13 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: discarding duplicate packet; already STATE_MAIN_I3
2017:12:14-09:12:21 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: discarding duplicate packet; already STATE_MAIN_I3
2017:12:14-09:12:29 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: next payload type of ISAKMP Hash Payload has an unknown value: 254
2017:12:14-09:12:29 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: malformed payload in packet
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #1: starting keying attempt 2 of an unlimited number
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: initiating Main Mode to replace #1
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: ignoring Vendor ID payload [FRAGMENTATION c0000000]
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: ignoring Vendor ID payload [Cisco-Unity]
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: received Vendor ID payload [XAUTH]
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: ignoring Vendor ID payload [6f0421e63bb04ef80cdca67d290aa0a6]
2017:12:14-09:13:05 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: ignoring Vendor ID payload [Cisco VPN 3000 Series]
2017:12:14-09:13:15 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: discarding duplicate packet; already STATE_MAIN_I3
2017:12:14-09:13:23 bcmutm-1 pluto[18859]: "S_Bxx IpSec Connection" #2: discarding duplicate packet; already STATE_MAIN_I3
Any suggestions would be great!!
Thanks,
Daniel