VPN site to site connexion, IKE-phase 1 Negociation failed as initiator, ... due to timeout

Question

I configured VPN Connexion site to site AWS, and when the connexion was made from the other side, the IKE-Phase 1 is FAILED (Due to timeout). Here are the error notifications per events:
Event 1: 
ike-nego-p1-start => IKE phase-1 negociation is started as initiator, main mode. Initiated SA: XX.XX.XX.XX[500]-YY.YY.YY.YY[500] cookie:...
Event 2:
ike-nego-p1-fail => IKE phase-1 negociation is failed as initiator, main mode. Failed SA: XX.XX.XX.XX[500]-YY.YY.YY.YY[500] cookie:... Due to timeout.
Event 3:
ike-nego-p1-deleted => IKE phase-1 SA is deleted SA XX.XX.XX.XX[500]-YY.YY.YY.YY[500] cookie:...

Could you please help how to resolve this issue?
Thanks

Answer

Hello,

Please check the parameters on both side for phase 1 and phase 2 it should be exactly matched.
and Please there should be firewall allow the traffic on your side on port 500 /4500 from amazon peer to make the connection established.

Feel free to reach out AWS support for any deep dive .

VPN site to site connexion, IKE-phase 1 Negociation failed as initiator, ... due to timeout

相關內容