
Regarding IKEv2: How to Troubleshoot


## IPSEC_STATUS_DOWN, error: Authentication failed

 

2024-01-02T01:48:26.198Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet S(123.41.124.13:500 -> 61.43.208.114:500): len=  256, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), IDi, IDr, AUTH, SA, TSi, TSr, N(HTTP_CERT_LOOKUP_SUPPORTED), N(INITIAL_CONTACT), N(ESP_TFC_PADDING_NOT_SUPPORTED)    
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="DBG"] RX RSP-1 HDR,SK{-}
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet R(123.41.124.13:500 <- 61.43.208.114:500): len=   56, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), N(AUTHENTICATION_FAILED). 
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="DBG"] decoding packet
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="WARN"] Plain-text notification `Authentication failed'(24) from 61.43.208.114:500 for protocol None. Initiator SPI 5cda6aab 983534c3 Responder SPI ea917dff 2c8aa9b6
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="DBG"] IKE SA error
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="DBG"]   Local-SPI: 5cda6aab 983534c3 Remote-SPI: ea917dff 2c8aa9b6
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="DBG"]   Error:"IKE_AUTH packet is missing IDr or AUTH payload"
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] Tue Jan 02 2024 01:48:26: IKE_BAD_PAYLOAD_SYNTAX: SPI 5cda6aab983534c3ea917dff2c8aa9b6: Src 123.41.124.13: Dst 61.43.208.114: IKE_AUTH packet is missing IDr or AUTH payload
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="iked-main" level="INFO"] Request for IPSEC tunnel status update : tunnel: 8193, rule: 977057194, local_ip: 123.41.124.13, peer_ip: 61.43.208.114 inbound_spi: 0x0, outbound_spi: 0x0 status: IPSEC_STATUS_DOWN, error: Authentication failed
 
- Before device replacement (issue)
2024-01-02T01:48:26.198Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet S(123.41.124.13:500 -> 61.43.208.114:500): len=  256, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), IDi, IDr, AUTH, SA, TSi, TSr, N(HTTP_CERT_LOOKUP_SUPPORTED), N(INITIAL_CONTACT), N(ESP_TFC_PADDING_NOT_SUPPORTED)
2024-01-02T01:48:26.202Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet R(123.41.124.13:500 <- 61.43.208.114:500): len=   56, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), N(AUTHENTICATION_FAILED). 
 
- After device replacement (OK)
2024-01-02T06:45:47.681Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet R(123.41.124.13:500 <- 61.43.208.234:500): len=  336, mID=0, HDR(8ea7d4bde9e9b835_i, 1d559cb24ada38eb_r), SA, Nonce, KE, TSi, TSr
2024-01-02T06:45:47.655Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet S(123.41.124.13:500 -> 61.43.208.234:500): len=  368, mID=0, HDR(8ea7d4bde9e9b835_i, 1d559cb24ada38eb_r), SA, Nonce, KE, TSi, TSr, N(ESP_TFC_PADDING_NOT_SUPPORTED)

 

 

## IPSEC_STATUS_DOWN, error: TS unacceptable

2024-01-02T01:48:31.339Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet R(123.41.124.13:500 <- 61.43.208.114:500): len=   56, mID=0, HDR(40e4a8b449bdf1a6_i, d30082c978295563_r), N(TS_UNACCEPTABLE)
2024-01-02T01:48:31.339Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="iked-main" level="INFO"] Request for IPSEC tunnel status update : tunnel: 8193, rule: 977057194, local_ip: 123.41.124.13, peer_ip: 61.43.208.114 inbound_spi: 0x0, outbound_spi: 0x0 status: IPSEC_STATUS_DOWN, error: TS unacceptable
 
- Issue (judged to be a Traffic Selector configuration mismatch between the peers.)
2024-01-02T01:59:54.367Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"]   Local Traffic Selector  ipv4(10.10.4.0-10.10.4.255)
2024-01-02T01:59:54.367Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"]   Remote Traffic Selector ipv4(10.10.20.0-10.10.20.255)
 
- Normal
2024-01-02T06:45:42.443Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"]   Local Traffic Selector  ipv4(10.10.4.0-10.10.4.255)
2024-01-02T06:45:42.443Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"]   Remote Traffic Selector ipv4(10.10.20.0-10.10.20.255),ipv4(10.111.79.0-10.111.79.255)
 
 
- Regarding Traffic Selector on VPN 
            "Policy Rule ID": 78296981,
            "Remote IP Address": "61.43.208.234",

   …..
            "Local Traffic Selector": "ipv4(10.10.4.0-10.10.4.255)",
   …..
            "Remote Traffic Selector": "ipv4(10.10.20.0-10.10.20.255),ipv4(10.111.79.0-10.",
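
The triage done by eye in the logs above, as an added Python example (not part of the original post and not NSX tooling): it pairs each received error notify with the request sent under the same initiator SPI and message ID, and diffs the Traffic Selector sets of the failing and working captures. The function names are hypothetical, and the sample lines are constructed by shortening the log prefix of the lines shown on this page.

```python
import re

# Constructed sample: lines shortened from the NSX Edge iked log format on this page.
FAILING = """\
01:48:26.198Z iked IKEv2 packet S(123.41.124.13:500 -> 61.43.208.114:500): len=  256, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), IDi, IDr, AUTH, SA, TSi, TSr, N(INITIAL_CONTACT)
01:48:26.202Z iked IKEv2 packet R(123.41.124.13:500 <- 61.43.208.114:500): len=   56, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), N(AUTHENTICATION_FAILED).
01:48:31.339Z iked IKEv2 packet R(123.41.124.13:500 <- 61.43.208.114:500): len=   56, mID=0, HDR(40e4a8b449bdf1a6_i, d30082c978295563_r), N(TS_UNACCEPTABLE)
01:59:54.367Z iked   Local Traffic Selector  ipv4(10.10.4.0-10.10.4.255)
01:59:54.367Z iked   Remote Traffic Selector ipv4(10.10.20.0-10.10.20.255)
"""
WORKING = """\
06:45:42.443Z iked   Local Traffic Selector  ipv4(10.10.4.0-10.10.4.255)
06:45:42.443Z iked   Remote Traffic Selector ipv4(10.10.20.0-10.10.20.255),ipv4(10.111.79.0-10.111.79.255)
"""
PACKET = re.compile(r"IKEv2 packet ([SR])\(\S+ (?:->|<-) ([\d.]+):\d+\): len=\s*\d+, "
                    r"mID=(\d+), HDR\(([0-9a-f]+)_i, [0-9a-f]+_r\), (.*)")
SELECTOR = re.compile(r"(Local|Remote) Traffic Selector\s+(.*)")
ERRORS = {"AUTHENTICATION_FAILED", "TS_UNACCEPTABLE"}  # error notifies seen on this page

def failed_exchanges(log):
    """Pair each received error notify with the request sent under the same SPI and message ID."""
    sent, failures = {}, []
    for m in PACKET.finditer(log):
        direction, peer, mid, spi_i, rest = m.groups()
        if direction == "S":  # remember the payload list of our own request
            sent[spi_i, mid] = [p.strip(" .") for p in rest.split(",")]
            continue
        for notify in sorted(ERRORS.intersection(re.findall(r"N\((\w+)\)", rest))):
            failures.append({"peer": peer, "spi_i": spi_i, "notify": notify,
                             "request": sent.get((spi_i, mid))})  # None if not captured
    return failures

def selectors(log):
    """Collect the (start, end) IPv4 ranges logged for each side's Traffic Selector."""
    found = {"Local": set(), "Remote": set()}
    for side, body in SELECTOR.findall(log):
        found[side].update(re.findall(r"ipv4\(([\d.]+)-([\d.]+)\)", body))
    return found

def missing_selectors(failing, working):
    """Ranges the working tunnel logs that the failing capture lacks, per side."""
    a, b = selectors(failing), selectors(working)
    return {side: sorted(b[side] - a[side]) for side in a}

if __name__ == "__main__":
    for failure in failed_exchanges(FAILING):
        print(failure)
    print(missing_selectors(FAILING, WORKING))
```

For the authentication failure, the paired request lists IDi, IDr and AUTH while the 56-byte reply carries only the notify, which matches the local "IKE_AUTH packet is missing IDr or AUTH payload" message in the log above. The selector diff reports `10.111.79.0-10.111.79.255` as the remote range present only in the working capture.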