获得“建立IKE_SA失败，同伴没有响应”连接我的站点到站点VPN时出错

本文介绍了获得“建立IKE_SA失败，同伴没有响应”连接我的站点到站点VPN时出错的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试设置站点到站点VPN，我的内部部署设备正在提供以下日志。任何想法可能导致它说"同行没有回应"？我似乎能够毫无问题地连接我的客户端。我的内部部署VPN
服务器是Kerio Control 9.2.8，它支持IPSec和最常见的密码。

[31 / Jan / 2019 13:01:54] { charon} charon：11 [IKE]建立IKE_SA失败，同伴没有回应

[31 / Jan / 2019 13:01:54] {IPsec} TunnelsList | thread：'ipsec up tunnel_3_3_1_1 '返回0

[31 / Jan / 2019 13:01:54] {charon} charon：09 [CFG]收到中风：发起'tunnel_3_4_1_1'

[31 / Jan / 2019 13:01:54] {charon} charon：03 [IKE]启动主模式IKE_SA tunnel_3_1_1_1 [52743]至yyyy

[31 / Jan / 2019 13:01:54] {charon} charon：03 [CFG]已配置提案：IKE：AES_CBC_128 / HMAC_SHA1_96 / PRF_HMAC_SHA1 / MODP_2048，IKE：3DES_CBC / HMAC_SHA1_96 / PRF_HMAC_SHA1 / MODP_1536，IKE：AES_CBC_128 / AES_CBC_192 / AES_CBC_256 / 3DES_CBC / HMAC_SHA2_256_128 / HMAC_SHA2_384_192 / HMAC_SHA2_512_256 / AES_XCBC_96 / AES_CMAC_96 / HMAC_SHA1_96 / HMAC_MD5_96 / PRF_AES128_XCBC / PRF_AES128_CMAC / PRF_HMAC_SHA2_256 / PRF_HMAC_SHA2_384 / PRF_HMAC_SHA2_512 / PRF_HMAC_SHA1 / PR F_HMAC_MD5 / MODP_3072 / MODP_4096 / MODP_8192 / MODP_2048 / MODP_2048_256 / MODP_1024

[31 / Jan / 2019 13:01:54] {charon} charon：03 [ENC]生成ID_PROT请求0 [SA VVVVV]

[31 / Jan / 2019 13:01:54] {charon} charon：03 [NET]发送数据包：从xxxx [500]到yyyy [500] （248字节）

[31 / Jan / 2019 13:01:58] {charon} charon：07 [IKE]发送重发1请求消息ID 0，seq 1
$
[31 / Jan / 2019 13:01:58] {charon} charon：07 [NET]发送数据包：从xxxx [500]到yyyy [500]（248字节）
$
[31 / Jan / 2019 13:02:05] {charon} charon：08 [IKE]在1次转发后放弃了
[31 / Jan / 2019 13:02:05] {charon} charon：08 [IKE]建立IKE_SA失败，同伴没有回复

解决方案

Hi, I am trying to set up a Site to Site VPN and my on-premise device is giving the logs below. Any idea what could be causing it to say "peer not responding"? I have been able to connect my client without any issues, it seems. My on-premise VPN Server is a Kerio Control 9.2.8, which supports IPSec and most common ciphers.

[31/Jan/2019 13:01:54] {charon} charon: 11[IKE] establishing IKE_SA failed, peer not responding
[31/Jan/2019 13:01:54] {IPsec} TunnelsList|thread: 'ipsec up tunnel_3_3_1_1' returned 0
[31/Jan/2019 13:01:54] {charon} charon: 09[CFG] received stroke: initiate 'tunnel_3_4_1_1'
[31/Jan/2019 13:01:54] {charon} charon: 03[IKE] initiating Main Mode IKE_SA tunnel_3_1_1_1[52743] to y.y.y.y
[31/Jan/2019 13:01:54] {charon} charon: 03[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/HMAC_MD5_96/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_HMAC_SHA1/PRF_HMAC_MD5/MODP_3072/MODP_4096/MODP_8192/MODP_2048/MODP_2048_256/MODP_1024
[31/Jan/2019 13:01:54] {charon} charon: 03[ENC] generating ID_PROT request 0 [ SA V V V V V ]
[31/Jan/2019 13:01:54] {charon} charon: 03[NET] sending packet: from x.x.x.x[500] to y.y.y.y[500] (248 bytes)
[31/Jan/2019 13:01:58] {charon} charon: 07[IKE] sending retransmit 1 of request message ID 0, seq 1
[31/Jan/2019 13:01:58] {charon} charon: 07[NET] sending packet: from x.x.x.x[500] to y.y.y.y[500] (248 bytes)
[31/Jan/2019 13:02:05] {charon} charon: 08[IKE] giving up after 1 retransmits
[31/Jan/2019 13:02:05] {charon} charon: 08[IKE] establishing IKE_SA failed, peer not responding

解决方案

这篇关于获得“建立IKE_SA失败，同伴没有响应”连接我的站点到站点VPN时出错的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！