IPSEC/2/IKE_WL_NEGO_FAIL

Message

IPSEC/2/IKE_WL_NEGO_FAIL: IPSec negotiation failed due to pki whitelist.(Peer=[PeerIP], CN=[CommonNameValue], Vrf=[VrfName], Port=[PortNumber])

In VS mode, this log is supported only by the admin VS.

Description

IPsec negotiation failed due to the whitelist function.

Parameters

Parameter Name Parameter Meaning

PeerIP

Peer Ip address

CommonNameValue

Common name value

VrfName

Vrf instance name

PortNumber

UDP port number

Possible Causes

IPsec negotiation failed because of a whitelist mismatch.

Procedure

Check whether the peer certificate is valid. If the peer certificate is invalid, obtain a valid one.

Check whether the local whitelist data is correct. If the data is incorrect, update it.

Parent Topic: IPSEC
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >