Created on 12-25-2022 10:41 AM
This article describes the issue where VPN phase 1 is not coming up for a route-based VPN and the debug logs are showing the message:
'ignoring request to establish IPsec SA, gateway is in passive mode'.
Disable passive mode in VPN phase 1 setting.
Follow the steps given below:
# config vpn ipsec phase1-interface edit phase-1-name <----- Tunnel name. set passive-mode disableend
