Hi, I've configured an IPsec VPN tunnel between a RUT955 firewall (firmware version: RUT9_R_00.07.05) and a Check Point firewall running Gaia OS.
The tunnel is up, as you can see here:
root@Teltonika-RUT955:~# ipsec status
Security Associations (1 up, 0 connecting):
BLV-BLV_c[28]: ESTABLISHED 16 minutes ago, xx.xxx.xxx.xx[xx.xxx.xxx.xx]…xx.xxx.xxx.xx[xx.xxx.xxx.xx]
BLV-BLV_c{44}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: cac94a93_i a49518ca_o
BLV-BLV_c{44}: 172.16.xx.0/24 === 192.168.xx.0/24
root@Teltonika-RUT955:~#
From the Check Point side I can ping the RUT955 local IP address, I can ping a PC behind the RUT955 firewall and access a shared folder. I can also SSH to the RUT955 firewall without issues.
The issue is when I'm accessing the RUT955 web interface from the Check Point side. It's really slow, and when I'm logging in the web page starts to load slowly and then it fails to load and returns to the login screen.
Here are some VPN logs from the RUT955 firewall:
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[ENC] <BLV-BLV_c|28> parsed QUICK_MODE request 4021424817 [ HASH SA No ID ID ]
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[IKE] <BLV-BLV_c|28> no matching CHILD_SA config found for xx.xxx.xxx.xx/32 === 172.16.xx.0/24
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[ENC] <BLV-BLV_c|28> generating INFORMATIONAL_V1 request 2346106526 [ HASH N(INVAL_ID) ]
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[NET] <BLV-BLV_c|28> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:02:55 2023 daemon.info ipsec: 12[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:02:55 2023 daemon.info ipsec: 12[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:02:57 2023 daemon.info ipsec: 10[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:02:57 2023 daemon.info ipsec: 10[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:02:59 2023 daemon.info ipsec: 06[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:02:59 2023 daemon.info ipsec: 06[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:01 2023 daemon.info ipsec: 15[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:01 2023 daemon.info ipsec: 15[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:03 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:03 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:05 2023 daemon.info ipsec: 14[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:05 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:09 2023 daemon.info ipsec: 07[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:09 2023 daemon.info ipsec: 07[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:13 2023 daemon.info ipsec: 12[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:13 2023 daemon.info ipsec: 12[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:17 2023 daemon.info ipsec: 09[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:17 2023 daemon.info ipsec: 09[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:21 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:21 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:25 2023 daemon.info ipsec: 10[NET] <BLV-BLV_c|28> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:25 2023 daemon.info ipsec: 10[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|28> detected reauth of existing IKE_SA, adopting 1 children and 0 virtual IPs
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|28> schedule delete of duplicate IKE_SA for peer ‘xx.xxx.xxx.xx’ due to uniqueness policy and suspected reauthentication
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|29> IKE_SA BLV-BLV_c[29] established between xx.xxx.xxx.xx[xx.xxx.xxx.xx]…xx.xxx.xxx.xx[xx.xxx.xxx.xx]
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|29> scheduling reauthentication in 85347s
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[IKE] <BLV-BLV_c|29> maximum IKE_SA lifetime 85887s
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[ENC] <BLV-BLV_c|29> generating ID_PROT response 0 [ ID HASH ]
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 14[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> parsed QUICK_MODE request 1556826128 [ HASH SA No ID ID ]
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|29> no matching CHILD_SA config found for xx.xxx.xxx.xx/32 === 172.16.xx.0/24
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 568607001 [ HASH N(INVAL_ID) ]
Wed Oct 11 16:03:29 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:31 2023 daemon.info ipsec: 10[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:31 2023 daemon.info ipsec: 10[IKE] <BLV-BLV_c|29> received retransmit of request with ID 1556826128, but no response to retransmit
Wed Oct 11 16:03:33 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:33 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> received retransmit of request with ID 1556826128, but no response to retransmit
Wed Oct 11 16:03:35 2023 daemon.info ipsec: 12[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:35 2023 daemon.info ipsec: 12[IKE] <BLV-BLV_c|29> received retransmit of request with ID 1556826128, but no response to retransmit
Wed Oct 11 16:03:37 2023 daemon.info ipsec: 08[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:37 2023 daemon.info ipsec: 08[IKE] <BLV-BLV_c|29> received retransmit of request with ID 1556826128, but no response to retransmit
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 09[IKE] <BLV-BLV_c|28> deleting IKE_SA BLV-BLV_c[28] between xx.xxx.xxx.xx[xx.xxx.xxx.xx]…xx.xxx.xxx.xx[xx.xxx.xxx.xx]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 09[IKE] <BLV-BLV_c|28> sending DELETE for IKE_SA BLV-BLV_c[28]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 09[ENC] <BLV-BLV_c|28> generating INFORMATIONAL_V1 request 3982398771 [ HASH D ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 09[NET] <BLV-BLV_c|28> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (92 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 13[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 13[ENC] <BLV-BLV_c|29> parsed INFORMATIONAL_V1 request 1486065059 [ HASH D ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 13[IKE] <BLV-BLV_c|29> received DELETE for ESP CHILD_SA with SPI a49518ca
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 13[IKE] <BLV-BLV_c|29> closing CHILD_SA BLV-BLV_c{44} with SPIs cac94a93_i (677080 bytes) a49518ca_o (8636164 bytes) and TS 172.16.xx.0/24 === 192.168.xx.0/24
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 4000234389 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 12[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 12[ENC] <BLV-BLV_c|29> parsed QUICK_MODE request 1015710824 [ HASH SA No ID ID ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 12[CFG] <BLV-BLV_c|29> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 12[ENC] <BLV-BLV_c|29> generating QUICK_MODE response 1015710824 [ HASH SA No ID ID ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 12[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (188 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (60 bytes)
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> parsed QUICK_MODE request 1015710824 [ HASH ]
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|29> CHILD_SA BLV-BLV_c{45} established with SPIs cc3a2c19_i 8f0ddd15_o and TS 172.16.xx.0/24 === 192.168.xx.0/24
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 4076466012 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:41 2023 daemon.info ipsec: 15[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 730347283 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:45 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 1162847811 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:49 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 3834971010 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:53 2023 daemon.info ipsec: 11[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 3915908177 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:03:57 2023 daemon.info ipsec: 15[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[NET] <BLV-BLV_c|29> received packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (172 bytes)
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[ENC] <BLV-BLV_c|29> invalid HASH_V1 payload length, decryption failed?
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[ENC] <BLV-BLV_c|29> could not decrypt payloads
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[IKE] <BLV-BLV_c|29> message parsing failed
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[ENC] <BLV-BLV_c|29> generating INFORMATIONAL_V1 request 3126176210 [ HASH N(PLD_MAL) ]
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[NET] <BLV-BLV_c|29> sending packet: from xx.xxx.xxx.xx[500] to xx.xxx.xxx.xx[500] (76 bytes)
Wed Oct 11 16:04:01 2023 daemon.info ipsec: 07[IKE] <BLV-BLV_c|29> QUICK_MODE request with message ID 1556826128 processing failed
Can anyone help me, please?
Thanks
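
The log above contains Quick Mode proposals rejected with "no matching CHILD_SA config found" followed by retransmits of the same message ID. As an added example (not part of the original post), this Python sketch summarizes such a log into rejected and established traffic-selector pairs; the sample lines are constructed in the same format with placeholder addresses, and the function name is hypothetical.

```python
import re

# Constructed sample in the format of the log above; addresses are placeholders.
SAMPLE = """\
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[ENC] <BLV-BLV_c|28> parsed QUICK_MODE request 4021424817 [ HASH SA No ID ID ]
Wed Oct 11 16:02:53 2023 daemon.info ipsec: 13[IKE] <BLV-BLV_c|28> no matching CHILD_SA config found for 198.51.100.7/32 === 172.16.10.0/24
Wed Oct 11 16:02:55 2023 daemon.info ipsec: 12[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:02:57 2023 daemon.info ipsec: 10[IKE] <BLV-BLV_c|28> received retransmit of request with ID 4021424817, but no response to retransmit
Wed Oct 11 16:03:39 2023 daemon.info ipsec: 16[IKE] <BLV-BLV_c|29> CHILD_SA BLV-BLV_c{45} established with SPIs cc3a2c19_i 8f0ddd15_o and TS 172.16.10.0/24 === 192.168.20.0/24
"""

TAG = re.compile(r"<([^>]+)>")  # connection name and IKE_SA number, e.g. BLV-BLV_c|28
PARSED = re.compile(r"parsed QUICK_MODE request (\d+) \[ HASH SA ")
REJECT = re.compile(r"no matching CHILD_SA config found for (\S+) === (\S+)")
RETX = re.compile(r"received retransmit of request with ID (\d+)")
ESTAB = re.compile(r"CHILD_SA \S+ established .* TS (\S+) === (\S+)")


def summarize(log_text):
    """Return (rejected, established).

    rejected: message ID -> selector pair as logged, plus retransmit count.
    established: set of selector pairs for CHILD_SAs that came up.
    """
    last_request = {}  # IKE_SA tag -> message ID of its latest Quick Mode proposal
    rejected, established = {}, set()
    for line in log_text.splitlines():
        tag = TAG.search(line)
        sa = tag.group(1) if tag else None
        if m := PARSED.search(line):
            last_request[sa] = m.group(1)
        elif m := REJECT.search(line):
            # The rejection line has no message ID; use the last proposal on this SA.
            msg_id = last_request.get(sa, "unknown")
            rejected[msg_id] = {"ts": (m.group(1), m.group(2)), "retransmits": 0}
        elif m := RETX.search(line):
            if m.group(1) in rejected:
                rejected[m.group(1)]["retransmits"] += 1
        elif m := ESTAB.search(line):
            established.add((m.group(1), m.group(2)))
    return rejected, established


if __name__ == "__main__":
    rej, est = summarize(SAMPLE)
    for msg_id, info in rej.items():
        print(msg_id, info["ts"], "retransmits:", info["retransmits"])
    print("established:", sorted(est))
```

Selector pairs that appear only under rejected are the ones the peer proposes but the local CHILD_SA configuration does not cover.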