It took almost 2 days for me to resolve this problem -> traffic didn’t pass through the IPSec tunnel in Cyberoam firewall. I read most of KB articles in Cyberoam that talks about it. I grouped here all the checklists that you need to verify.
Log shows EST-P1: Peer did not accept any proposal sent, Message ID 17853
1.Define the subnets or hosts that must be routed via IPSec
Ref this KB article for details
2. Check if firewall rules are created to allow traffic from LAN to VPN and vice versa
Ref this KB article in detail
$2.75 per month
3. Check priority of VPN and static routes
Ref this KB article in detail
Starts at 30$ per month
Okay, for me, all these checklists were ticked but traffic was still not following through the IPSec tunnel. I hope you got into similar situation.
4. And I finally did this, I initiated ping from the host behind remote peer (in my case, remote peer was Paloalto Firewall), and it worked for me. Cyberoam started routing those traffic through the IPSec.
so every time cyberoam VPN goes down during internet failure or firewall maintenance, I had issue with Cyberoam routing traffic via IPSec, I initiate ping from the remote host in order to make it work! You need to perform from atleast from one host in each IP subnet that is participating in the VPN tunnel.
