I'm setting up BGP over a site-to-site VPN. Rather new to this and can't get it running, VPN is up.
BGP shows:
Peer AS Remote IP Local IP Wt Status State ConnID Up/Down
--------------------------------------------------------------------------------------
1257 130.244.28.178 0.0.0.0 100 Enabled ACTIVE 0 54d;21:00:23
1257 130.244.131.114 0.0.0.0 100 Enabled ACTIVE 0 54d;21:00:23
Debug session shows:
****** packet decapsulated, type=ipsec, len=64******
ipid = 58431(e43f), @1d647114
tunnel.11:130.244.28.178/27532->130.244.28.179/179,6<Root>
no session found
flow_first_sanity_check: in <tunnel.11>, out <N/A>
chose interface tunnel.11 as incoming nat if.
flow_first_routing: in <tunnel.11>, out <N/A>
search route to (tunnel.11, 130.244.28.178->130.244.28.179) in vr trust-vr for vsd-0/flag-0/ifp-null
cached route 19 for 130.244.28.179 <This is my next hop for default route- i suspect this is incorrect, related to a routing issue but don't know from here..>[ Dest] 19.route 130.244.28.179->217.115.192.1, to ethernet0/0
routed (x_dst_ip 130.244.28.179) from tunnel.11 (tunnel.11 in 0) to ethernet0/0
policy search from zone 114-> zone 1
policy_flow_search policy search nat_crt from zone 114-> zone 1
RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 130.244.28.179, port 179, proto 6)
No SW RPC rule match, search HW rule
swrs_search_ip: policy matched id/idx/action = 320000/-1/0x0
Searching global policy.
swrs_search_ip: policy matched id/idx/action = 320000/-1/0x0
policy id (320000)
packet dropped, denied by policy
Policy id deny policy, ipv6 0, flow_potential_violation 0
**** pak processing end.
Any suggestions?..
------------------------------
MEINDERT UITMAN
------------------------------