No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

IPSec tunnel cannot established on USG6680

Publication Date:  2019-12-30  |   Views:  62  |   Downloads:  0  |   Author:  cWX611640  |   Document ID:  EKB1100043561

Contents

Issue Description

 

IPSec tunnel implemented between the Branch office and HQ. After configuring, the ping traffic is enabled to trigger the tunnel establishing, but failed.

Handling Process

1. Check the IKE and IPSec SA state, neither IKE nor IPSec negotiated successfully.

2. Check the configuration on both Branch and HQ firewalls, all is normal.

3. Ping the remote firewall to check if there is connection problem. The ping result is normal.

4. Check the session table to exam detailed traffic flow.

The result indicates that the traffic is encapsulated into the tunnel correctly.

5. Check the IKE error information.

The result indicates that error occurred during the authentication, it should be caused by the mismatch password.

6. Modify the password on both firewalls, problem resolved.

Root Cause

Mismatch password causing the IPSec tunnel establishment failure.