No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


UBro solutions due to AHR configuration problem causes IPsec tunnel failed to establish.

Publication Date:  2012-11-06 Views:  154 Downloads:  0

Issue Description

Firewall version is E1000EV100R002C01B020, in uBro solutions, use E1000E establish IPsec tunnel with AP equipment to realize the security of AP remote access. When the AP equipment directly connects firewall, they can establishe IPSec tunnel successfully. But when the AP equipment from Internet remote connects firewall, it will fail to establish IPSec tunnel.

Alarm Information

E1000E prompts “[ERR]:receive invalid AAA message”.

Handling Process

1, check the AP configuration, make sure the AP equipment is normal.
2, check the firewall configuration, make sure the firewall has no problem.
3, check the AAA server’s configuration, make sure AAA configuration has no problem.
4, when checking the AHR server’s configuration, found the segw address which is configured by AHR is private address. After changed it to public address, the tunnel establishes successfully.

Root Cause

In uBro project, firewall and AP establish IPSec tunnel, firewall needs to communicate with AAA server, and the AAA server needs to communicate with AHR server, can check the communicating process step by step to solve the problem.