On Sat, Jul 17, 2010 at 10:09 AM, Paul Peziol <[email protected]> wrote:
> Have a site-site tunnel between home and work. Had issues getting the > tunnels to work initially. Once they were up they were stable for a few > weeks. Rebooted the home router this morning and the tunnel does not come > back up. Went into IPSEC and re-saved the tunnels and still does not come > up. Get this error > > ERROR: phase2 negotiation failed due to time up waiting for phase1 > > Jul 17 09:01:11 racoon: *[]*: INFO: initiate new phase 1 negotiation: HOME > WAN[500]<=>OFFICE WAN[500] Jul 17 09:01:11 racoon: INFO: begin Aggressive > mode. Jul 17 09:01:36 racoon: INFO: request for establishing IPsec-SA was > queued due to no phase1 found. Jul 17 09:01:44 racoon: *[]*: ERROR: > phase2 negotiation failed due to time up waiting for phase1. ESP OFFICE > WAN[0]->HOME WAN[0] Jul 17 09:01:44 racoon: INFO: delete phase 2 handler. > Jul > 17 09:02:01 racoon: ERROR: phase1 negotiation failed due to time up. > dd42e11e42fc3dcb:0000000000000000 > Puzzled why it would work until a reboot. IPSEC status shows *No IPsec > security associations.* > I tried to delete the tunnels under SPD, resave the ipsec settings. The spd > gets recreated but still no tunnel and the above messages. > * > > * You say between home and work. Is it possible that you have a dynamic IP at home and a reboot of your modem pulled down a new IP address? This could potentially have disrupted the IPSec tunnel.
