IKMP_MODE_FAILURE Error Log

spremkumar · ‎07-29-2003

Hi all

I m getting this message when i give show log command in my router.we are not running IPSEC in our router.

Y i m getting these logs since i m not running any IPSEC in our router...i m getting this error becoz the remote peer is trying to establish the tunnel or someone trying to establish tunnel with the remote peer??

pls clear these points ..

ROUTER#sh log | include IKMP

Jul 29 08:52:23.434 IST: %CRYPTO-4-IKMP_NO_SA: IKE message from 219.145.92.238 has no SA and is not an initialization offer

Jul 29 09:42:25.726 IST: %CRYPTO-4-IKMP_NO_SA: IKE message from 211.91.233.27 has no SA and is not an initialization offer

Jul 30 01:38:23.938 IST: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Main mode failed wi th peer at 207.46.121.10

Jul 30 01:39:16.170 IST: %CRYPTO-4-IKMP_NO_SA: IKE message from 207.46.121.10 has no SA and is not an initialization offer

thx in advance

prem

umedryk · ‎08-04-2003

Hi Prem,

%CRYPTO-4-IKMP_NO_SA: IKE message from [IP-address] has no SA and is not an initialization offer

IKE maintains the current state for a communication in the form of security associations. No security association exists for the specified packet, and it is not an initial offer from the peer to establish one. This situation could be a denial-of-service attack. Contact the remote peer or the administrator of the remote peer.