Hi All,
I have followed the guide: http://vyos.net/wiki/User_Guide#Site-to-Site
and double-checked everything a few times, still cannot get the VPN tunnel UP
I have site to site VPN between:
- vyos and Cisco ASA
- vyos and AWS VPC (AWS built-in VPN)
working with no problems
but vyos to vyos I cannot get working, this is the output for “monitor vpn ipsec”:
VPN-IPSEC: packet from <PEER_IP>:500: received Vendor ID payload [strongSwan]
VPN-IPSEC: packet from <PEER_IP>:500: ignoring Vendor ID payload [Cisco-Unity]
VPN-IPSEC: packet from <PEER_IP>:500: received Vendor ID payload [XAUTH]
VPN-IPSEC: packet from <PEER_IP>:500: received Vendor ID payload [Dead Peer Detection]
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: responding to Main Mode
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: Peer ID is ID_IPV4_ADDR: ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: no suitable connection for peer ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: sending encrypted notification INVALID_ID_INFORMATION to <PEER_IP>:500
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #4: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #4: starting keying attempt 3 of an unlimited number
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: initiating Main Mode to replace #4
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: received Vendor ID payload [strongSwan]
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: ignoring Vendor ID payload [Cisco-Unity]
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: received Vendor ID payload [XAUTH]
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: received Vendor ID payload [Dead Peer Detection]
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: ignoring informational payload, type INVALID_ID_INFORMATION
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: Peer ID is ID_IPV4_ADDR: ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: no suitable connection for peer ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: sending encrypted notification INVALID_ID_INFORMATION to <PEER_IP>:500
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: next payload type of ISAKMP Hash Payload has an unknown value: 218
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: malformed payload in packet
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: discarding duplicate packet; already STATE_MAIN_I3
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: Peer ID is ID_IPV4_ADDR: ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: no suitable connection for peer ‘10.71.19.17’
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: sending encrypted notification INVALID_ID_INFORMATION to <PEER_IP>:500
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: discarding duplicate packet; already STATE_MAIN_I3
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: next payload type of ISAKMP Hash Payload has an unknown value: 142
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #6: malformed payload in packet
VPN-IPSEC: “peer-<PEER_IP>-tunnel-1” #5: max number of retransmissions (2) reached STATE_MAIN_R2
Please advise.