Hello All,
Something odd is going on here. I had RUT500 for 2 years and my VPN was working with no issues between my EdgeMAX.
I have replaced RUT500 > RUT240 and VPN was ok for couple weeks then it failed. l took tcpdump from EdgeMAX as well as from RUT240 and was not able to see any traffic or attempts to establish the tunnel from the RU240 (it is set in active mode, EdgeMAX passively waiting for the IKE packets). Weird thing is that the RUT is attempting to establish the VPN using the IPv6 (if l am reading logs correctly):
Sun Oct 28 19:29:47 2018 daemon.info syslog: 13[IKE] sending retransmit 5 of request message ID 0, seq 1
Sun Oct 28 19:31:03 2018 daemon.info syslog: 12[IKE] giving up after 5 retransmits
Sun Oct 28 19:31:03 2018 daemon.info syslog: 12[IKE] peer not responding, trying again (9/0)
Sun Oct 28 19:31:03 2018 daemon.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:31:03 2018 daemon.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:31:03 2018 authpriv.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:31:03 2018 authpriv.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:31:07 2018 daemon.info syslog: 14[IKE] sending retransmit 1 of request message ID 0, seq 1
Sun Oct 28 19:31:14 2018 daemon.info syslog: 15[IKE] sending retransmit 2 of request message ID 0, seq 1
Sun Oct 28 19:31:27 2018 daemon.info syslog: 06[IKE] sending retransmit 3 of request message ID 0, seq 1
Sun Oct 28 19:31:51 2018 daemon.info syslog: 05[IKE] sending retransmit 4 of request message ID 0, seq 1
Sun Oct 28 19:32:33 2018 daemon.info syslog: 08[IKE] sending retransmit 5 of request message ID 0, seq 1
Sun Oct 28 19:33:48 2018 daemon.info syslog: 07[IKE] giving up after 5 retransmits
Sun Oct 28 19:33:48 2018 daemon.info syslog: 07[IKE] peer not responding, trying again (10/0)
Sun Oct 28 19:33:49 2018 daemon.info syslog: 07[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:33:49 2018 daemon.info syslog: 07[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:33:49 2018 authpriv.info syslog: 07[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:33:49 2018 authpriv.info syslog: 07[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:33:53 2018 daemon.info syslog: 09[IKE] sending retransmit 1 of request message ID 0, seq 1
Sun Oct 28 19:34:00 2018 daemon.info syslog: 16[IKE] sending retransmit 2 of request message ID 0, seq 1
Sun Oct 28 19:34:13 2018 daemon.info syslog: 11[IKE] sending retransmit 3 of request message ID 0, seq 1
Sun Oct 28 19:34:37 2018 daemon.info syslog: 10[IKE] sending retransmit 4 of request message ID 0, seq 1
Sun Oct 28 19:35:19 2018 daemon.info syslog: 13[IKE] sending retransmit 5 of request message ID 0, seq 1
Sun Oct 28 19:36:34 2018 daemon.info syslog: 12[IKE] giving up after 5 retransmits
Sun Oct 28 19:36:34 2018 daemon.info syslog: 12[IKE] peer not responding, trying again (11/0)
Sun Oct 28 19:36:37 2018 daemon.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:36:37 2018 daemon.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:36:37 2018 authpriv.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Sun Oct 28 19:36:37 2018 authpriv.info syslog: 12[IKE] initiating Main Mode IKE_SA EdgeMAX[1] to 64:ff9b::522f:833a
Any ideas?
UPDATE:
RUT240 has Remote VPN endpoint set for DNS name. As soon as l changed it to the IP, VPN came back online with no issue. While pinning the DNS name of the remote peer it resolves to the correct IP. So l am not sure if it is ISP DNS or device`s issue:
Thanks,
Mykhaylo