Security

 View Only
last person joined: 14 days ago 

Securing your network and related platform configuration and troubleshooting with Juniper security technologies including Advance Threat Prevention, Cloud-Based Management Services, Cloud-delivered Security, Cloud Workload Protection, DDoS, Juniper Secure and other solutions.
  • 1.  IKEv2 Errors on m7i

    Posted 06-09-2022 13:28
    When using IKEv2 on an m7i with an adaptive services module running 15.1R7.9 the VPNs aren't stable, and I am getting these strange log messages:

    ikev2_state_error: [9970c00/a41d400] Negotiation failed because of error Out of memory (65537)

    Neither the RE or the adaptive services module is low on memory.  The VPNs come back up, but they flap quite a bit.  Also to note, these memory errors are only seen with 'route based' type VPNs, i.e. ones with 0.0.0.0:0/0.0.0.0:0 traffic selectors, not VPNs with explicit networks described for phase 2.  Any idea what these memory errors mean?  I don't see these errors with VPNs that use IKEv1.