No luck getting site-to-site vpn going. And asking questions about that isn't helping. (Yes, I tried bridge mode and the previous suggestions given.)
Lets try a different tactic.
Can someone post a log example from a WORKING site to site connection. (USG20 if you have it . . . or any similar USG if you don't.)
From both sides if possible, or . . . at least from the initiator side.
Part of the problem I'm having, there are 8,000,000,000 examples in forums of peoples configurations & logs that do NOT work.
If I knew what it SHOULD look like (for IKE/IPSEC logs) . . . maybe it'd be more obvious how far I'm (not) making it . . . and so where the problem is.
Right now with only non-working examples posted from people asking for help . . . Basic connectivity to the other side, Phase 1?, Phase 2?
I know "main" goes through 5-6 or so exchanges, "aggressive" probably only 3. But I'm not sure those "interior" exchanges are logged individually, only the results of the final step. I have no clue from the "bad" logs I see, how far I am/am not, making it.
Either way . . . seeing a "working" example (of the log, not the config panels/files) will help.
Thanks,
jkh
↧