cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
703
Views
0
Helpful
3
Replies

New to IPSec, VPN, SA error..

apcgabe
Level 1
Level 1

3w6d: IPSEC(epa_des_crypt): decrypted packet failed SA identity check

What does that mean? I am very new to IPSec and dedicated vpn's, about (20minutes new :) and from

what i've read, this means that a packet that comes into my router, looks for an isakmp policy that matches the policy applied on the remote router and if it doesn't find one the tunnel isn't established... does this relate in any way to the errors about the SA?

#pkts encaps: 130, #pkts encrypt: 130, #pkts digest 130

#pkts decaps: 158, #pkts decrypt: 158, #pkts verify 158

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0

#pkts not decompressed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

but this says no errors have been logged so where are these errors coming from? and the tunnel is up by the way...

Thanks.

3 Replies 3

umedryk
Level 5
Level 5

You have not mentioned if you are using a 7200 router. Buy this seems to be a standard bug in 7200 router.

cisco 2611 router

please show your config...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: