Overview
Creating an IPSec VPN tunnel with an external firewall fails with the below error seen in Kerio Control logs:
{charon} charon: 12[IKE] establishing IKE_SA failed, peer not responding
Solution
- The error usually occurs due to a mismatch in the IKE protocol versions between Kerio Control and the firewall.
- Kerio Control uses IKEv1 by default.
- If the external firewall uses IKEv2, then, enable IKEv2 in Kerio Control.
Testing
The VPN tunnel can now be established successfully. In case the issue persists, then you can check the external firewall's logs for more informaiton on why the incoming connections from Kerio Control are being rejected.