We're currently having a problem with one of our remote offices' VPN (site to site). The VPN has been down now for a few days for no apparent reason. Nothing has been changed on the remote device or the VPN device in Head Office, and all our other VPNs (over 30 in total) to head office are all fine.
The peers can ping each other no problem; however, I suspect that UDP port 500 is being blocked at the remote office ISP. The reason I suspect this is because when traffic is initiated on Side A, phase 1 negotiations begin, but there is never anything in the logs of Side B to say that a packet was received. Then Side A reports that the phase 1 retransmission limit has been reached.
The result is the same if traffic is initiated from Side B.
We've already contacted the ISP, who claim that they are not blocking anything. I've used nmap to check what ports are open, but because it's a UDP port it's rather tricky. nmap reports that the port may be filtered or open, but it also reports this for peers that have an active/working VPN.
So I'm at a loss as to what I should do now. How can I find out for definite if UDP 500 is open or not? I've asked if the remote ISP could monitor some traffic on that circuit (to see what's being blocked and what's being allowed through) but I've not heard anything from them. Do you think this is something ISPs would normally do if requested?
I'd really appreciate some help on this as I'm desperate to get to the bottom of this soon.
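Added example (not the poster's code, and not from any particular VPN vendor): the reason nmap can only say `open|filtered` for UDP is that a silently dropped datagram and a service that ignores junk look identical. An IKE responder, though, will normally answer a well-formed IKEv1 Main Mode message 1 even when no policy matches (typically with an Informational NOTIFY), so the check below speaks just enough ISAKMP to get a reply, the same idea as the public `ike-scan` tool. A reply that echoes your initiator cookie means UDP/500 is reachable end to end; ICMP port-unreachable means the host is reachable but nothing listens; a timeout means something between the peers is dropping it. It assumes the peer runs IKEv1 (phase 1, as in the post) and that you run it from the side whose peer you are diagnosing; cipher choices in the proposal are just a common default and are not taken from the post.

```python
"""Probe a peer's UDP/500 with a minimal IKEv1 Main Mode message 1 (RFC 2408/2409).

Verdicts returned by probe_udp500():
  ike-responder-answered        - full Main Mode reply with a responder cookie
  ike-notify-received           - Informational NOTIFY (e.g. no proposal chosen); still reachable
  ike-reply-other               - some other ISAKMP message carrying our cookie
  unexpected-reply              - non-ISAKMP data came back on the socket
  closed-icmp-port-unreachable  - host reachable, nothing listening on 500
  no-reply-filtered-or-dropped  - silence: a filter or drop somewhere on the path
"""
import os
import socket
import struct

IKE_PORT = 500
ISAKMP_VERSION = 0x10          # major 1, minor 0
EXCH_MAIN_MODE = 2             # Identity Protection exchange
EXCH_INFORMATIONAL = 5
NP_SA = 1                      # next-payload type: Security Association
PROTO_ISAKMP, XFORM_KEY_IKE = 1, 1
DOI_IPSEC, SIT_IDENTITY_ONLY = 1, 1


def _tv_attr(attr_type, value):
    """Basic (type/value) SA attribute: AF bit set, 15-bit type, 16-bit value."""
    return struct.pack("!HH", 0x8000 | attr_type, value)


def build_ike_probe(init_cookie):
    """Return ISAKMP header + SA payload offering 3DES/SHA-1/PSK/MODP-1024 (constructed defaults)."""
    attrs = (_tv_attr(1, 5)          # Encryption Algorithm: 3DES-CBC
             + _tv_attr(2, 2)        # Hash Algorithm: SHA-1
             + _tv_attr(3, 1)        # Authentication Method: pre-shared key
             + _tv_attr(4, 2)        # Group Description: 1024-bit MODP
             + _tv_attr(11, 1)       # Life Type: seconds
             + _tv_attr(12, 28800))  # Life Duration: 8 hours
    # Transform payload: transform #1, transform-ID KEY_IKE, reserved, then attributes
    xform_body = struct.pack("!BBH", 1, XFORM_KEY_IKE, 0) + attrs
    transform = struct.pack("!BBH", 0, 0, 4 + len(xform_body)) + xform_body
    # Proposal payload: proposal #1, protocol ISAKMP, SPI size 0, one transform
    prop_body = struct.pack("!BBBB", 1, PROTO_ISAKMP, 0, 1) + transform
    proposal = struct.pack("!BBH", 0, 0, 4 + len(prop_body)) + prop_body
    # SA payload: IPsec DOI, identity-only situation, then the proposal
    sa_body = struct.pack("!II", DOI_IPSEC, SIT_IDENTITY_ONLY) + proposal
    sa = struct.pack("!BBH", 0, 0, 4 + len(sa_body)) + sa_body
    total = 28 + len(sa)
    # ISAKMP header: init cookie, zero responder cookie, next payload, version,
    # exchange type, flags, message ID 0, total length
    header = struct.pack("!8s8sBBBBII", init_cookie, b"\x00" * 8,
                         NP_SA, ISAKMP_VERSION, EXCH_MAIN_MODE, 0, 0, total)
    return header + sa


def classify_reply(init_cookie, data):
    """Interpret a datagram that came back on UDP/500 in response to our probe."""
    if len(data) < 28:
        return "unexpected-reply"
    r_init, r_resp, _next, version, exch = struct.unpack("!8s8sBBB", data[:19])
    if r_init != init_cookie or version >> 4 != 1:
        return "unexpected-reply"
    if exch == EXCH_MAIN_MODE and r_resp != b"\x00" * 8:
        return "ike-responder-answered"
    if exch == EXCH_INFORMATIONAL:
        return "ike-notify-received"
    return "ike-reply-other"


def probe_udp500(host, timeout=3.0, source_port=IKE_PORT):
    """Send one IKE probe to host:500 and return a verdict string."""
    cookie = os.urandom(8)
    pkt = build_ike_probe(cookie)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.bind(("", source_port))  # many peers only answer IKE sourced from port 500
        except OSError:
            pass                       # unprivileged or port busy: fall back to an ephemeral port
        s.sendto(pkt, (host, IKE_PORT))
        try:
            data, _ = s.recvfrom(4096)
        except ConnectionRefusedError:
            return "closed-icmp-port-unreachable"
        except socket.timeout:
            return "no-reply-filtered-or-dropped"
    return classify_reply(cookie, data)


if __name__ == "__main__":
    import sys
    print(probe_udp500(sys.argv[1]))
```

Run it from each side against the other peer's public address while capturing on the far side's outside interface; if Side A gets `no-reply-filtered-or-dropped` and Side B's capture never shows the datagram arriving, the drop is upstream of Side B, which is the evidence to put in front of the ISP. If the probe is answered but the real tunnel still fails, the problem is in the IKE configuration rather than the path.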