No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

IPSEC VPN connection failure with Juniper Firewall

Publication Date:  2013-09-26 Views:  133 Downloads:  0
Issue Description
IPSEC VPN connection failure with Juniper Firewall
Alarm Information
*6.24460584 fw-e200-e7-1 IKE/7/DEBUG:Enter m_initiator_recv_ID_AUTH
*6.24460584 fw-e200-e7-1 IKE/7/DEBUG:recv ID: find ike peer by address (0x2e1dd80c) failed !

*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:sa interface = 0xa86; now will fib search
*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:the interface binding policy for this sa is not match with the send interface
*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:sa interface = 0xa86; send interface = 0x809
Handling Process
We check the configuration on Eudemon is match with Juniper firewall, But out going traffic is not from the same interface as thetraffic in coming.

We change the PE router route policy, issue solved.
Root Cause
1. configuration wrong

2. asymmetric traffic
Suggestions
Make sure traffic go out and come in the same interface, when establish the IPsec VPN tunnel.

END