No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

Traffic through IPsec tunnel is not passing

Publication Date:  2018-12-18  |   Views:  839  |   Downloads:  0  |   Author:  a84103535  |   Document ID:  EKB1002058758

Contents

Issue Description

The traffic between and USG and AR through IPsec VPN tunnel is not passing, even though the IPsec is established.


Handling Process

Check the IPsec proposals and IKE proposals configuration. 

Check the output of display IKE sa command and display IPsec proposal to check whether both ends have IKE set up and if they have the same algorithms and parameters configured.




Make sure the encryption algorithms are the same on both ends. Also the authentication algorithms.

Root Cause

Command "ipsec authentication <encryption_algorithm> compatible enable" is not configured, therefore the traffic is interrupted when connecting the USG and AR, becuase they are different devices.

Solution

Configure ipsec authentication <encryption_algorithm> compatible enable on both devices and test again using "display ipsec statistics esp".