[c-nsp] IKEv2 unknown connections

Graham Bartlett (grbartle) grbartle at cisco.com
Mon Jan 7 14:34:53 EST 2019


Hi Robert

As these are 30s apart I would guess it's a misconfigured peer.

you could enable 'debug crypto ikev2' and then see more verbose details of the connection. From the message it looks like it gets to IKE_AUTH and then can't locate the incoming IKE ID.

cheers

On 03/01/2019, 10:00, "cisco-nsp on behalf of Robert Hass" <cisco-nsp-bounces at puck.nether.net on behalf of robhass at gmail.com> wrote:

    Jan  3 10:47:55.795: %IKEV2-3-NEG_ABORT: Negotiation aborted due to ERROR:
    Failed to locate an item in the database
    Jan  3 10:48:25.536: %IKEV2-5-RECV_CONNECTION_REQUEST: Received a
    IKE_INIT_SA request
    Jan  3 10:48:25.794: %IKEV2-3-NEG_ABORT: Negotiation aborted due to ERROR:
    Failed to locate an item in the database


More information about the cisco-nsp mailing list