No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

The encryption card problem lead to cannot establish IKE negotiation

Publication Date:  2012-11-06  |   Views:  276  |   Downloads:  0  |   Author:  SU1001429751  |   Document ID:  EKB1000019025

Contents

Issue Description

E100E and USG5300 establish IPSEC VPN tunnel, IKE negotiation, IPSEC VPN negotiation parameters of two ends are correct, but cannot establish IKE negotiation.
Debugging Ike information:
*5.3852519370 Eudemon IKE/8/DEBUG:exchange run: unexpected payload VENDOR
*5.3852519470 Eudemon IKE/8/DEBUG:message parse payloads: reserved field non-zero
*5.3852519470 Eudemon IKE/8/DEBUG:dropped message from x.x.x.x due to notification type PAYLOAD_MALFORMED
*5.3852519470 Eudemon IKE/8/DEBUG:message sort payloads err
*5.3852526870 Eudemon IKE/8/DEBUG:message parse payloads: reserved field non-zero
*5.3852526870 Eudemon IKE/8/DEBUG:dropped message from x.x.x.x due to notification type PAYLOAD_MALFORMED
*5.3852526870 Eudemon IKE/8/DEBUG:message sort payloads err
*5.3852535870 Eudemon IKE/8/DEBUG:message parse payloads: reserved field non-zero
*5.3852535870 Eudemon IKE/8/DEBUG:dropped message from x.x.x.x due to notification type PAYLOAD_MALFORMED
*5.3852535870 Eudemon IKE/8/DEBUG:message sort payloads err

Alarm Information

none

Handling Process

Through the command to restart encryption card, solve the problem:
[Eudemon]interface Secp 0/0/0
[Eudemon-Secp0/0/0]shutdown
[Eudemon-Secp0/0/0]undo shutdown

Root Cause

The problem is caused by E100E encryption card problem.
Low-end products in order to enhance supporting IPSEC VPN performance, with a piece of encryption card, if the encryption card encryption is error, will lead to peer end equipment decryption fail, cannot to automatic recovery, only can through shutdown/undo shutdown to restart encryption card to restore.

Suggestions

If this problem happen often, Suggest close the encryption card.
The operation to close encryption card:
[Eudemon] interface Secp 0/0/0
[Eudemon - Secp0/0/0] shutdown
Please save configuration after modify, in order to avoid encryption card and automatically open again after the equipment restart.