Troubleshooting Ike; Ike Negotiation Failed Because No Matching Ike Proposals Were Found - HP MSR2000 Configuration Manual
Hide thumbs
Also See for MSR2000:
- Configuration manual (455 pages) ,
- Manual (73 pages) ,
- High availability configuration manual (91 pages)
Table of Contents
Advertisement
dest addr: 10.2.1.0/255.255.255.0
[Inbound ESP SAs]
SPI: 830667426 (0x3182faa2)
Transform set: ESP-ENCRYPT-3DES-CBC ESP-AUTH-MD5
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843200/2313
Max received sequence-number:
Anti-replay check enable: Y
Anti-replay window size: 64
UDP encapsulation used for nat traversal: Y
Status: active
[Outbound ESP SAs]
SPI: 3516214669 (0xd1952d8d)
Transform set: ESP-ENCRYPT-3DES-CBC ESP-AUTH-MD5
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843200/2313
Max received sequence-number:
Anti-replay check enable: Y
Anti-replay window size: 64
UDP encapsulation used for nat traversal: Y
Status: active
Troubleshooting IKE
IKE negotiation failed because no matching IKE proposals
were found
Symptom
1.
The IKE SA is in Unknown state.
<Sysname> display ike sa
Connection-ID
------------------------------------------------------------------
1
Flags:
RD--READY RL--REPLACED FD-FADING
2.
When IKE event debugging and packet debugging are enabled, the following messages appear:
IKE event debugging message:
The attributes are unacceptable.
IKE packet debugging message:
Construct notification packet: NO_PROPOSAL_CHOSEN.
Analysis
Certain IKE proposal settings are incorrect.
port: 0
Remote
192.168.222.5
205
protocol: IP
Flag
DOI
Unknown
IPSEC
Advertisement
Table of Contents
Troubleshooting
