Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
379
Views
3
Helpful
1
Replies

Error Message #2

yazanmughrabi
Level 1
Level 1

‎09-11-2005 09:58 PM

Hi,

Can anybody please tell me what this error message means?

*Mar 11 23:59:08.503: %CRYPTO-4-IKMP_NO_SA: IKE message from 172.16.10.1 has

no SA and is not an initialization offer

Any help would be appreciated,

Thanx

Yazan

Labels:
0 Helpful
1 Reply 1

spremkumar
Level 9
Level 9

‎09-11-2005 10:41 PM

hi

This is the meaning of the error message..

1. %CRYPTO-4-IKMP_NO_SA: IKE message from [IP_address] has no SA and is not an initialization offer

IKE maintains state information for a communication in the form of security associations. No security association exists for this packet and it is not an initial offer from the peer to establish one. This situation could indicate a denial-of-service attack.

we did face similar kinda error messages in our 3660 boxes in which we have crypto supported/compatible ios codes installed in that.

we did recieve the same from public block belongs to different domains,if you dont want them to be logged up then you can block the ports belongs to IKE and IPSEC in your box if you arent running any existing crypto tunnels with any of the other peers.

regds

Customers Also Viewed These Support Documents