No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU
Knowledge Base

IPSec tunnel cannot established on USG6680

Publication Date:  2019-12-30  |   Views:  62  |   Downloads:  0  |   Author:  cWX611640  |   Document ID:  EKB1100043561

Contents
Issue Description Handling Process Root Cause

Issue Description

 

IPSec tunnel implemented between the Branch office and HQ. After configuring, the ping traffic is enabled to trigger the tunnel establishing, but failed.

Handling Process

1. Check the IKE and IPSec SA state, neither IKE nor IPSec negotiated successfully.

2. Check the configuration on both Branch and HQ firewalls, all is normal.

3. Ping the remote firewall to check if there is connection problem. The ping result is normal.

4. Check the session table to exam detailed traffic flow.

The result indicates that the traffic is encapsulated into the tunnel correctly.

5. Check the IKE error information.

The result indicates that error occurred during the authentication, it should be caused by the mismatch password.

6. Modify the password on both firewalls, problem resolved.

Root Cause

Mismatch password causing the IPSec tunnel establishment failure.

Feedback
Related resources
Case in Chinese Documentation Software Download Bulletins Tools
Related searches
By Author
Help us to improve
Write an article
Enterprise APP

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.