Got it
Huawei Enterprise Support Community
Community Forums Security
Customers have two USG665...

Customers have two USG6650, IPSec failed to establish, check found, display Ike SA. Peer address is 0.0.0.0

Latest reply: Jun 15, 2018 13:49:15 736 1 0 0 0
View the author 1#

Basic Information

  Keywordsipsec
 ProductSecospace USG6650
 TitleUSG/USG6650V500R001C60/Ipsec ike failed
 AbstractCustomers have two USG6650, IPSec failed to establish, check found, display Ike SA. Peer address is 0.0.0.0
 Publication Date2018-04-28 06:17
 Associated KB
 LanguageEnglish
  Application ScenarioTroubleshooting

Application Info

 Fault TypeOperation and maintenance >> Others
 Issue Description

version

USG6650V500R001C60

Customers have two USG6650, IPSec failed to establish, check found, display Ike SA. Peer address is 0.0.0.0

741451df5e284e35912a44c6e018c3dc

 Alarm Information
 Handling Process

We opened the debug ikev1 all on the firewall and found the following alarm.

6e7d5b54bf38481698844d01145927f4

We found that packet has been retransmitting

In this case, customers generally do not allow 500  ports in the security policy.

We examine the customer's security policy and find that the customer simply releases the ESP protocol.



 Root Cause
 Solution

In the security policy permit 500 port

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Q&A why Active FW down cannot switchover to Standby?
Next: USG6000 configure L2TP over IPSec and authenticate at AD server
(0) (0)
2#
Tina.4648
Created Jun 15, 2018 13:49:15

nice example
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.