- Community Home
- >
- Networking
- >
- Security e-Series
- >
- MSR3064
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-07-2017 02:31 PM
03-07-2017 02:31 PM
MSR3064
I have an advpn configuration that's working great however when I apply
interface Tunnel 0 mode advpn udp
tunnel protection ipsec profile ipsecprofile1
I repeatedly get the debugging message
The SA doesn't exist in kernel.
If I apply an ike profile the ipsec tunnel works beautiful and I can even switch the config and the error message goes away until I reboot, apply the ike profile and then switch to the ikev2...
dis ikev2 sa; no matter which profile I apply is always empty. "dis ike sa" does return proper results.
any hints?
Here's my ipsec/ikev2 config example....
ipsec profile ipsecprofile1 isakmp
transform-set ipsectran1
ike-profile ikeprofile1
ipsec transform-set ipsectran1
esp encryption-algorithm aes-cbc-256
esp authentication-algorithm sha512
ikev2 profile ikeprofile1
authentication-method local pre-share
keychain keychain1
ikev2 keychain keychain1
peer ikePEER
address 0.0.0.0 0.0.0.0
pre-shared-key <redacted>
ikev2 proposal ikev2proposal
encryption aes-cbc-256
integrity sha512
dh group20