Teltonika RUTX08 IPSec Tunnel not working when im configuring remote peer with DNS name

Hello ive got a Teltonika RUTX08

Ive configured IPSec Tunnel but it’s not working when im configuring the remote host peer with the DNS name. If i put the remote host ip address it’s working fine

Im on latest firmware RUTX_R_00.07.06.6_WEBUI.bin. On earlier firmware i had the same problem

Here is some logs when remote host is with dns name

Mon Mar 11 14:42:34 2024 daemon.info ipsec: 07[IKE] <BLV-BLV_c|1> initiating IKE_SA BLV-BLV_c[1] to xx.xxx.xxx.70
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 07[ENC] <BLV-BLV_c|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 07[NET] <BLV-BLV_c|1> sending packet: from xx.xxx.xxx.94[500] to xx.xxx.xxx.70[500] (336 bytes)
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[NET] <BLV-BLV_c|1> received packet: from xx.xxx.xxx.70[500] to xx.xxx.xxx.94[500] (292 bytes)
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[ENC] <BLV-BLV_c|1> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[CFG] <BLV-BLV_c|1> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[CFG] <BLV-BLV_c|1> no IDi configured, fall back on IP address
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[IKE] <BLV-BLV_c|1> authentication of ‘xx.xxx.xxx.94’ (myself) with pre-shared key
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[IKE] <BLV-BLV_c|1> establishing CHILD_SA BLV-BLV_c{1}
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[ENC] <BLV-BLV_c|1> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 14[NET] <BLV-BLV_c|1> sending packet: from xx.xxx.xxx.94[4500] to xx.xxx.xxx.70[4500] (300 bytes)
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 15[NET] <BLV-BLV_c|1> received packet: from xx.xxx.xxx.70[4500] to xx.xxx.xxx.94[4500] (252 bytes)
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 15[ENC] <BLV-BLV_c|1> parsed IKE_AUTH response 1 [ IDr AUTH N(CRASH_DET) SA TSi TSr N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) ]
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 15[IKE] <BLV-BLV_c|1> no shared key found for ‘xx.xxx.xxx.94’ - ‘xx.xxx.xxx.70’
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 15[ENC] <BLV-BLV_c|1> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Mon Mar 11 14:42:34 2024 daemon.info ipsec: 15[NET] <BLV-BLV_c|1> sending packet: from xx.xxx.xxx.94[4500] to xx.xxx.xxx.70[4500] (76 bytes)
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 09[IKE] <BLV-BLV_c|2> initiating IKE_SA BLV-BLV_c[2] to xx.xxx.xxx.70
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 09[ENC] <BLV-BLV_c|2> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 09[NET] <BLV-BLV_c|2> sending packet: from xx.xxx.xxx.94[500] to xx.xxx.xxx.70[500] (336 bytes)
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[NET] <BLV-BLV_c|2> received packet: from xx.xxx.xxx.70[500] to xx.xxx.xxx.94[500] (292 bytes)
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[ENC] <BLV-BLV_c|2> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[CFG] <BLV-BLV_c|2> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[CFG] <BLV-BLV_c|2> no IDi configured, fall back on IP address
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[IKE] <BLV-BLV_c|2> authentication of ‘xx.xxx.xxx.94’ (myself) with pre-shared key
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[IKE] <BLV-BLV_c|2> establishing CHILD_SA BLV-BLV_c{2}
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[ENC] <BLV-BLV_c|2> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 15[NET] <BLV-BLV_c|2> sending packet: from xx.xxx.xxx.94[4500] to xx.xxx.xxx.70[4500] (300 bytes)
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 06[NET] <BLV-BLV_c|2> received packet: from xx.xxx.xxx.70[4500] to xx.xxx.xxx.94[4500] (252 bytes)
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 06[ENC] <BLV-BLV_c|2> parsed IKE_AUTH response 1 [ IDr AUTH N(CRASH_DET) SA TSi TSr N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) ]
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 06[IKE] <BLV-BLV_c|2> no shared key found for ‘xx.xxx.xxx.94’ - ‘xx.xxx.xxx.70’
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 06[ENC] <BLV-BLV_c|2> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Mon Mar 11 14:43:04 2024 daemon.info ipsec: 06[NET] <BLV-BLV_c|2> sending packet: from xx.xxx.xxx.94[4500] to xx.xxx.xxx.70[4500] (76 bytes)

This topic was automatically closed after 15 days. New replies are no longer allowed.