$ sudo ipsec up peer-sombody.no-ip.org-tunnel-1
initiating Main Mode IKE_SA peer-sombody.no-ip.org-tunnel-1[5] to their.ip.xx
generating ID_PROT request 0 [ SA V V V V ]
sending packet: from my.ip.xx[500] to their.ip.xx[500] (156 bytes)
received packet: from their.ip.xx[500] to my.ip.xx[500] (128 bytes)
parsed ID_PROT response 0 [ SA V V ]
received NAT-T (RFC 3947) vendor ID
received FRAGMENTATION vendor ID
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from my.ip.xx[500] to their.ip.xx[500] (244 bytes)
received packet: from their.ip.xx[500] to my.ip.xx[500] (304 bytes)
parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
received Cisco Unity vendor ID
received XAuth vendor ID
received unknown vendor ID: 2b:42:2c:c0:f1:cf:e0:d2:1b:b4:ae:5f:e3:1c:82:0b
received unknown vendor ID: 1f:07:f7:0e:aa:65:14:d3:b0:fa:96:54:2a:50:01:00
generating INFORMATIONAL_V1 request 1953053623 [ N(INVAL_KE) ]
sending packet: from my.ip.xx[500] to their.ip.xx[500] (56 bytes)
establishing connection 'peer-sombody.no-ip.org-tunnel-1' failed
ubnt@ubnt# show vpn
ipsec {
    auto-firewall-nat-exclude disable
    esp-group FOO0 {
        compression disable
        lifetime 28800
        mode tunnel
        pfs disable
        proposal 1 {
            encryption aes256
            hash sha1
        }
    }
    ike-group FOO0 {
        ikev2-reauth no
        key-exchange ikev1
        lifetime 28800
        proposal 1 {
            dh-group 2
            encryption aes256
            hash sha1
        }
    }
    ipsec-interfaces {
        interface eth0
    }
    nat-networks {
        allowed-network 0.0.0.0/0 {
        }
    }
    nat-traversal enable
    site-to-site {
        peer sombody.no-ip.org {
            authentication {
                mode pre-shared-secret
                pre-shared-secret somekey
            }
            connection-type initiate
            description "sombody Network"
            ike-group FOO0
            ikev2-reauth inherit
            local-address any
            tunnel 1 {
                allow-nat-networks disable
                allow-public-networks disable
                esp-group FOO0
                local {
                    prefix 192.168.0.0/24
                }
                remote {
                    prefix 172.16.1.3/32
                }
            }
        }
    }
}
Any ideas?