Home

Forums

Stories

Knowledge Base

Business Community > Controllers > Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

< Controllers

Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

Sadiqus

2 weeks ago - last edited 2 weeks ago

Posts: 30

Helpful: 5

Solutions: 0

Stories: 0

Registered: 2020-12-04

Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

2 weeks ago - last edited 2 weeks ago

Tags: #VPN #Controller #VLAN & Multi-Networks

Model: OC200 Omada Software Controller (Linux)

Hardware Version: V1

Firmware Version: 5.15.8.12

I have 2 controllers with 2 sites each, I have Ipsec vpn connections between locations, since this morning they no longer connect either manually or automatically. I didn't make any changes in any of the controllers, they just disconnected and don't reconnect, I redid the settings, I tried on automatic, nothing just doesn't connect, and the worst thing is that absolutely nothing appears in the logs!. I don't know what else to do, I restarted the controller, I restarted routers, but nothing. I mention that I have 3 Er605 routers and a router ER706W. A controller is OC200 and a controller is software on an on-premise server, I mention that there are 4 locations in total, 3 locations have ER605 routers, and one location has ER706W.

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116

28 Reply

MR.S

LV5

a week ago

Posts: 2411

Helpful: 867

Solutions: 317

Stories: 0

Registered: 2018-08-17

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@Sadiqus

It just gets worse and worse, set up the vpn like I showed you earlier. set it up exactly the same on both sites

#22

Sadiqus

LV2

a week ago - last edited a week ago

Posts: 30

Helpful: 5

Solutions: 0

Stories: 0

Registered: 2020-12-04

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago - last edited a week ago

@MR.S

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116

#23

MR.S

LV5

a week ago

Posts: 2411

Helpful: 867

Solutions: 317

Stories: 0

Registered: 2018-08-17

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@Sadiqus

it looks like the tunnels are up. try pinging from a pc, ping gateway on remote site

#24

Sadiqus

LV2

a week ago

Posts: 30

Helpful: 5

Solutions: 0

Stories: 0

Registered: 2020-12-04

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@MR.S

Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:24
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:24
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:23
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:23
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:22
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:22
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:21
	Gateway IPsec Module Information	WANVPN: IPsec connection was disconnected passively. (Peers=94.53.244.211<->94.53.231.180)	Feb 10, 2025 15:49:21

Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:46
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:45
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:44
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:43
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:42
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:41
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:40
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:39
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:37
	Gateway IPsec Module Information	WAN10: Enable DPD successfully. (DPD-Interval=94.53.231.180, Peers=94.53.244.211<-><null>)	Feb 10, 2025 15:49:36

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116

#25

Sadiqus

LV2

a week ago

Posts: 30

Helpful: 5

Solutions: 0

Stories: 0

Registered: 2020-12-04

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

MR.S wrote

@Sadiqus

it looks like the tunnels are up. try pinging from a pc, ping gateway on remote site

@MR.S
Sometimes the ping it's working just from one side, mostly from network behind 94.53.244.211 to network behind 94.53.231.180 but now its not working from any side

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116

#26

MR.S

LV5

a week ago

Posts: 2411

Helpful: 867

Solutions: 317

Stories: 0

Registered: 2018-08-17

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@Sadiqus

I don't know, it should be pretty simple, remote subnet and local network must match on both sites, phase 1 and 2 must be the same on both sites. so you have an error in the configuration. you'll have to look with a magnifying glass to find the error :-)

remote subnets and local network have to match each other, on remote site is it the opposite, presharde key is the same on both site.

exactly the same on both site.

#27

Sadiqus

LV2

a week ago

Posts: 30

Helpful: 5

Solutions: 0

Stories: 0

Registered: 2020-12-04

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@MR.S
i have cheked all the settings, apparently it's ok but it's not working.

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116

#28

MR.S

LV5

a week ago

Posts: 2411

Helpful: 867

Solutions: 317

Stories: 0

Registered: 2018-08-17

Re:Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

a week ago

@Sadiqus

yes it looks correct now, so if you don't have any ACL blocking it it should work. if it doesn't work now then contact your ISP, maybe they have blocked something.

#29

Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

Ipsec VPN site-to-site it doesn't work anymore, it doesn't connect anymore from today

Information

Voters 0

Tags