VPN Progress IPsec phase 2 ISSU

Forum|Forum|8 years ago
April 19, 2018
2 replies
11085 views

My VPN is UP. but at the log level I have a mistake Progress IPsec phase 2 Action negotiate Status failure Result ERROR

Toshi_Esumi

SuperUser

You need to provide enough info for anyone to understand what your VPN is. Site-to-site or remote access? Do you have multiple phase2s or just one? What is the selectors in phase2s? copy&paste&mask-some-IDs of phase1-interface and phase2-interface into the thread is the best.

domisawadogoAuthor

New Member

it is a VPN SITE to SITE with two phase. It's between fortigate-cisco how much of a phase should I do?

Toshi_Esumi

SuperUser

IPSec (w/ IKEv1) always have two phases, phase1 and phase2. I was asking if you have muiltpke phase2-interfaces configured to have multiple traffic selectors. The default is 0/0 <-> 0/0 means all. If you go to "config vpn ipsec phase2-interface" in CLI then "show" would show you all phase2s you configured.

And you said "UP", but is it actually passing traffic site-to-site?

domisawadogoAuthor

New Member

the tunnel goes to UP. but I have an error for phase two

ActionnegotiateStatusfailureResultERROR

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded