Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

L2L from my 3030 to a Watchguard FW Fails to Form Tunnel

I actually had phase 2 complete earlier today although we've been having problems getting this to work for a while now. TAC has remoted in and looked at it and I still have an open call for it.

I was hoping this might be something that someone here has seen before.

Here's what I'm seeing in the log:

8502 07/31/2003 15:02:17.110 SEV=5 IKE/68 RPT=17726 192.31.X.X

Group [192.31.X.X]

Received non-routine Notify message: Invalid ID info (18)

8503 07/31/2003 15:02:17.110 SEV=4 IKEDBG/0 RPT=11862

QM FSM error (P2 struct &0x483ca28, mess id 0xd39022fa)!

8504 07/31/2003 15:02:17.110 SEV=4 IKEDBG/65 RPT=19526 192.31.X.X

Group [192.31.X.X]

IKE QM Initiator FSM error history (struct &0x483ca28)

<state>, <event>:

QM_DONE, EV_ERROR

QM_WAIT_MSG2, EV_TIMEOUT

QM_WAIT_MSG2, NullEvent

QM_SND_MSG1, EV_SND_MSG

8509 07/31/2003 15:02:17.110 SEV=5 IKE/68 RPT=17727 192.31.X.X

Group [192.31.X.X]

Received non-routine Notify message: Invalid ID info (18)

8510 07/31/2003 15:02:17.120 SEV=5 IKE/68 RPT=17728 192.31.X.X

Group [192.31.X.X]

Received non-routine Notify message: Invalid ID info (18)

8511 07/31/2003 15:02:17.130 SEV=5 IKE/68 RPT=17729 192.31.X.X

Group [192.31.X.X]

Received non-routine Notify message: Invalid ID info (18)

8512 07/31/2003 15:02:18.100 SEV=4 IKE/41 RPT=7145

IKE Initiator: New Phase 2, Intf 2, IKE Peer 192.31.X.X

local Proxy Address 161.113.X.X, remote Proxy Address 10.2.0.0,

SA (L2L: TIRR)

I'm not sure why the remote proxy address is coming across as 10.2.0.0 when it is actually coming from or going to a specific address. Regardless Phase 2 is not completing.

TIA

3 REPLIES
New Member

Re: L2L from my 3030 to a Watchguard FW Fails to Form Tunnel

UPDATE: It now looks like I AM actually getting Phase 2 with traffic being received on my end but I'm not sending and I still am getting the above messages.

New Member

Re: L2L from my 3030 to a Watchguard FW Fails to Form Tunnel

I've have the same problem.

What was the solution ?

New Member

Re: L2L from my 3030 to a Watchguard FW Fails to Form Tunnel

I am having the same issue trying to connect my 3030 to a watchguard. did anyone ever solve this issue?

130
Views
0
Helpful
3
Replies
CreatePlease to create content