04-20-2022 12:42 PM
Good afternoon everyone. Earlier today we had a failure of our VPN tunnel to one of our medical application servers in the cloud. The server is hosted by a 3rd party and we have VPN tunnels built to it from our locations. At 7:48 am this morning our IKE phase one failed with the following message. "IKE phase-1 negotiation is started as responder, main mode. Failed SA: x.x.x.x[500]-x.x.x.x[500] cookie:xxxxxxxxxxxxxxxxxxxxxxxx. Due to timeout. After opening a ticket with the 3rd party to have them look at their end of the tunnel, I proceeded to clear vpn ike-sa gateway and clear vpn ipsec-sa tunnel from the firewall and then used the test vpn commands to spin the tunnels back up. I still received the same error message as before. I then went in and cleared all sessions that had anything to do with my tunnel and that still did not help. As a last resort, I remotely rebooted the firewall, (I am about 1 1/2 hours from this location). After the reboot, the tunnel came back up and began to work. Has anyone else ever seen this issue before?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
