No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

ipsec issue between huawei and cisco device

Publication Date:  2017-08-28  |   Views:  1215  |   Downloads:  0  |   Author:  s84062897  |   Document ID:  EKB1000838299

Contents

Issue Description

IPSEC ISSUE BETWEEN HUAWEI AND CHECKPOINT , tunnel up , both phase 1 &2 up but not able to transfer data . even same configuration is working in other site .

Alarm Information

NO LOGS GENERATE

Handling Process

while trouble shooting , we found their is missing of one command   ipsec authentication sha2 compatible enable.




Root Cause

 we need to run this command  ipsec authentication sha2 compatible enable.
after this service working fine .

Solution

need to run this command for compatibility of other vender ,  ipsec authentication sha2 compatible enable.

 

Suggestions

  need to run this command    ipsec authentication sha2 compatible enable.

 Explanations   

When the IPSec protocol uses the SHA-2 algorithm and the device at the remote end of the IPSec tunnel is a Cisco device, you need to configure this command on the local device. If the command is not configured on the local device, service transmission will be interrupted.


When the IPSec protocol uses the SHA-2 algorithm and the device at the remote end of the IPSec tunnel runs software V200R005C00, you need to configure this command on the local device.