Questions tagged with AWS Account Management

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS Site-to-Site VPN

Hello, I created an AWS Site-to-Site VPN connection between my local network and aws vpc, installed the libreswan package, after starting the ipsec service, it can't connect to tunnel 1. What could be the problem? OS: Ubuntu 18.04.6 LTS, libreswan 3.29 package Output: Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: DH algorithms: Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP1024 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh2 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: 1 CPU cores online Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: starting up 1 crypto helpers Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: started thread for crypto helper 0 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: Using Linux XFRM/NETKEY IPsec interface code on 4.15.0-197-generic Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: selinux support is NOT enabled. Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: systemd watchdog for ipsec service configured with timeout of 200000000 usecs Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: watchdog: sending probes every 100 secs Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: seccomp security not supported Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: seccomp security for crypto helper not supported Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: added connection description "Tunnel1" Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: listening for IKE messages Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: Kernel supports NIC esp-hw-offload Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: adding interface ens160/ens160 (esp-hw-offload=no) 192.168.55.18:500 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: adding interface ens160/ens160 192.168.50.18:4500 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: Kernel supports NIC esp-hw-offload Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: adding interface lo/lo (esp-hw-offload=no) 127.0.0.1:500 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: adding interface lo/lo 127.0.0.1:4500 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: Kernel supports NIC esp-hw-offload Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: adding interface lo/lo (esp-hw-offload=no) ::1:500 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: loading secrets from "/etc/ipsec.secrets" Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: loading secrets from "/etc/ipsec.d/aws.secrets" Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: initiating v2 parent SA Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: "Tunnel1": constructed local IKE proposals for Tunnel1 (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_CBC_128;PRF=HMAC Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: sent v2I1, expected v2R1 Nov 25 07:55:22 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response Nov 25 07:55:23 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response Nov 25 07:55:24 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response Nov 25 07:55:26 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response Nov 25 07:55:30 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response Nov 25 07:55:38 aws-vpn-p-1 pluto[4468]: "Tunnel1" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response Thanks in advance.
3
answers
0
votes
16
views
asked 2 days ago