I need to set up an IPsec Tunnel between a Teltonik RUT241 and a Sophos UTM 9. I tried different configurations but I can’t establishe the tunnel.
I always get the error on Sophos UTM “Peer ID is ID_FQDN: ‘IP’” or on Teltonika “13[IKE] received INVALID_ID_INFORMATION error notify”
You can’t find my configuration.
So is public ip accessible from both side?
That error can be caused from different situation. Probably there is an error, when negotiating between network announcements appear.
I did mention you didn`t fill up, the fields on your RUT device, where is remote subnet is not set:
And on the side of Sophos, check if there is all correct!
So generally on RUT remote subnet – means local private or real IP just to provide tunnel peer identification by addressing virtual interfaces for the booth side of the tunnel, remember IP addresses should be from the same subnet for both sides, those ip work as an identifier, like a number of doors where located some resources, mostly used when you build some dynamic routing announcement like OSPF or BGP.
You can set your tunnel with operation mode Type: Transport, in this case, you don`t need to provide IP on the tunnel sides:
Also if you can to share with me logs from your device:
Here you can find how to download logs, System->Troubleshoot, which you can find here:
Thank you for your reply. I managed to build up a site-to-site tunnel between the Teltonika RUT241 and Sophos UTM.
But the tunnel only lasts 40s and after that it changes to “Disconnected”. I tried to figure out the problem but I couldn’t find a solution.
I always get this message “received ModeCfg message when in state STATE_MAIN_I4, and we aren’t mode config client” in the Sophos UTM. After this message the connection disappear.
On the Sophos UTM the site-to-site tunnel is still connected but on the Teltonika Router is the status “Disconnected”.
I have the logs, but I can’t attach them to this reply.
When you reply with message, here you can upload file, with using this function in top
Also remove any personal or sensitive information from log files.
This topic was automatically closed after 15 days. New replies are no longer allowed.