USG60 IKEv2/Ipsec client question
I'm trying to get a USG60 to connect to a vpn service as an IPSEC client. EAP auth seems to work (logs show "AUTH Success!" message) and I get as far as "IKE SA negotiation process done" in the log. I then seem to enter a loop where we keep sending the cookie pair back and forth forever (logs show it repeating with a client message of "Send:" and the VPN server a "Recv:" message)
I recall with site to site IPSEC in the past I used to see an explicit phase 1 complete message, not sure if the "SA negotiation process done" means my issue is in phase 2. Does anyone know if that's correct, and why I might be stuck in this loop?
Attaching a screenshot of the loop. USG client is 172.x.x.x and VPN server is 45.x.x.x.
Thanks for any ideas!
Sign In to comment.