SRX

 View Only
last person joined: 12 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Question regarding RT_IPSEC log message

  • 1.  Question regarding RT_IPSEC log message

    Posted 01-12-2021 16:33
    Hi everyone,

    recently my SRX (320) is generating log messages like

    RT_IPSEC router Decryption failure: ESP padding check failed, invalid padding content for packet 123.234.567.890-0.1.2.3, tunnel ID 1234567, SPI 0x.... source-address 256.257.258.259 destination-address 260.261.262.263 tunnel-id 1234567 index ...

    The IP's 123.234.567.890 and 0.1.2.3 belong to me, though the other 2 IP's 256.257.258.259 and 260.261.262.263 not. Now I guess I know what "padding check fails" mean and using AES256-GCM this shouldn't be a problem, though the IP's 256.257... and 260.261... don't "belong" to me nor do I build any tunnels to these.
    This message appears since some days, the 0.1.2.3 is the IP of the SRX, the remote endpoints are geographically located in 2 continents and I'm getting similar messages for different IP tunnels, where also the 256.257.258.259 and 260.261.262.263 IP's differ but in any case come from the same ASN.

    May someone be so kind to enlighten me ?

    ------------------------------
    Tommy Scheunemann
    ------------------------------