No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


IPSEC VPN connection failure with Juniper Firewall

Publication Date:  2013-09-26 Views:  285 Downloads:  0

Issue Description

IPSEC VPN connection failure with Juniper Firewall

Alarm Information

*6.24460584 fw-e200-e7-1 IKE/7/DEBUG:Enter m_initiator_recv_ID_AUTH
*6.24460584 fw-e200-e7-1 IKE/7/DEBUG:recv ID: find ike peer by address (0x2e1dd80c) failed !

*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:sa interface = 0xa86; now will fib search
*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:the interface binding policy for this sa is not match with the send interface
*6.24475294 fw-e200-e7-1 IKE/7/DEBUG:sa interface = 0xa86; send interface = 0x809

Handling Process

We check the configuration on Eudemon is match with Juniper firewall, But out going traffic is not from the same interface as thetraffic in coming.

We change the PE router route policy, issue solved.

Root Cause

1. configuration wrong

2. asymmetric traffic


Make sure traffic go out and come in the same interface, when establish the IPsec VPN tunnel.