Avaya Configuring Branch Office Tunnel between a Contivity and a BayRS Router Manual de usuario descargar pdf (Pagina 19)

Tech Tip

Contivity Secure IP Services Gateway

Configuring Branch Office Tunnel between a Contivity and a BayRS

router

# 4: 09/14/2004 08:27:19.287 WARNING SLOT 1 IKE Code: 9

Cookies did not match properly for IKE peer 10.1.1.2,

interface 10.1.1.1

This message generally indicates an incompatibility in the Diffie-Hellman settings. The BayRS

router uses Diffie-Hellman Group: 56-bit DES with Group 1 (768-bit prime) and there is no way to

change it. Check the IPSec peer and verify that the SA is configured for Diffie-Hellman Group 1.

# 3: 09/14/2004 08:53:17.549 INFO SLOT 1 IKE Code: 124

Invalid Flags: Source 10.1.1.2, Dest 10.1.1.1

Message ID 0x0, SPI length: 0, SPI: 0

# 2: 09/14/2004 08:54:22.108 INFO SLOT 1 IKE Code: 117

Invalid Payload Type: Source 10.1.1.2, Dest 10.1.1.1,

Message ID 0x0, SPI length: 0, SPI: 0

Both these messages are generally an indication of a mismatch of the Pre-Shared Key on both

sides of the connection. Depending on whether the ARN was the initiator or the responder of this

particular SA, the message will be different. The Pre-Shared Key for the ARN was configured in

step 6 of the “Configuring ARN” section of this guide, and in the Profiles ÆBranch Office

ÆConnections section of the Contivity GUI.

# 16: 09/14/2004 08:58:31.927 INFO SLOT 1 IKE Code:

Notification received: Source 10.1.1.2, Dest 10.1.1.1,

Message ID 0x3c441a39, SPI length: 4, SPI: 3240933836,

Invalid ID Information

# 2: 09/14/2004 08:59:59.469 INFO SLOT 1 IPSEC Code: 122

IPSec received inbound SA request. Start/end destination address

does not match descriptor start/end source address.

Policy number: 1.

ID payload start/end dest address: 2.1.1.0-2.1.1.255

Descriptor start/end source address: 2.1.1.0-2.1.1.20

These messages generally indicate a mismatch in the Local/Remote network pairs on both sides

of the connection. The Local/Remote network pairs for the ARN were configured as a

Template/Policy in steps 7, 8, and 9 of the “Configuring ARN” section of this guide, and in the

Profiles ÆBranch Office ÆConnections section of the Contivity GUI.

TT040916 1.00 September 2004 Page: 19 of 29

1 2 ... 14 15 16 17 18 19 20 21 22 23 24 ... 28 29

Sin comentarios

Avaya Configuring Branch Office Tunnel between a Contivity and a BayRS Router Manual de usuario Pagina 19