cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
362
Views
0
Helpful
1
Replies

Stop SA / VPN requests

Daniel Graham
Level 1
Level 1

My logs on several of my WAN routers are full of the following messages -

730: IKE message from xx.xx.xx.xx has no SA and is not an initialization offer

728: Processing of Main mode failed with peer at xx.xx.xx.xx

1192: Processing of Informational mode failed with peer at xx.xx.xx.xx

These routers do not have IPSEC feature on them, and thus do not provide any vpn services.

How can I stop this from happening? Is there another way becides blocking these IP's in an access list?

Thanks,

1 Reply 1

b.hsu
Level 5
Level 5

IKE maintains state for a communication in the form of security associations. No security association exists for this packet and it is not an initial offer from the peer to establish one. It appears that the remote peer or client is misconfigured.

Refer this link for more info:

http://www.cisco.com/en/US/products/ps5845/products_system_message_guide_chapter09186a00806a2ba5.html#wp1017258

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: