NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual page 349
Gigabit quad wan ssl vpn firewall
Hide thumbs
Also See for SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall:
- Configuration manual (8 pages) ,
- Use manual (9 pages) ,
- Network setup manual (8 pages)
Table of Contents
Advertisement
Table C-16. System Logs: IPsec VPN Tunnel, Tunnel Establishment (continued)
Explanation
Recommended Action
Table C-17. System Logs: IPsec VPN Tunnel, SA lifetime (150 sec in phase 1; 300 sec in
phase 2), VPN Tunnel is Reestablished
Message 1
Messages 2 through 6
Message 7
Messages 8 through 11
Explanation
Recommended Action
System Logs and Error Messages
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
Message 1–5: IPsec, IKE, and VPN firewall restart.
Message 6–7: IPsec and IKE configurations are added with the identifier "pol1."
Message 8–19: New phase 1 negotiation starts by determining the configuration for
the WAN host. Dead Peer Detection (DPD) is enabled and set. NAT payload
matching and NAT detection are done.
Message 20–21: ISAKMP-SA is established between the 2 WANs and information
is exchanged.
Message 22–23: New phase 2 negotiation starts by using IPsec SA configuration
pertaining to the LAN hosts.
Message 24–25: IPsec-SA VPN tunnel is established.
None
2000 Jan 1 04:32:25 [SRX5308] [IKE] Sending Informational Exchange: delete
payload[]_
2000 Jan 1 04:32:25 [SRX5308] [IKE] purged IPsec-SA proto_id=ESP
spi=181708762._
2000 Jan 1 04:32:25 [SRX5308] [IKE] purged IPsec-SA proto_id=ESP
spi=153677140._
2000 Jan 1 04:32:25 [SRX5308] [IKE] an undead schedule has been deleted:
'pk_recvupdate'._
2000 Jan 1 04:32:25 [SRX5308] [IKE] IPSec configuration with identifier "pol1"
deleted successfully_
2000 Jan 1 04:32:25 [SRX5308] [IKE] no phase 2 bounded._
2000 Jan 1 04:32:25 [SRX5308] [IKE] Sending Informational Exchange: delete
payload[]_
2000 Jan 1 04:32:25 [SRX5308] [IKE] Purged ISAKMP-SA with
spi=d67f2be9ca0cb241:8a094623c6811286._
2000 Jan 1 04:32:25 [SRX5308] [IKE] an undead schedule has been deleted:
'purge_remote'._
2000 Jan 1 04:32:25 [SRX5308] [IKE] IKE configuration with identifier "pol1"
deleted successfully_
2000 Jan 1 04:32:25 [SRX5308] [IKE] Could not find configuration for
20.0.0.1[500]_
Message 1: Informational exchange for deleting the payload.
Message 2–6: Phase 2 configuration is purged and confirms that no phase 2 is
bounded.
Message 7: Informational exchange for deleting the payload.
Message 8–11: Phase 1 configuration.
The VPN tunnel is reestablished.
None
v1.0, April 2010
C-11
Advertisement
Table of Contents
Troubleshooting
