Hi All,
we having a issue and below are the logs like,
Jan 17 01:00:13 MXHJUNFW1 kmd[11563]: IKE negotiation failed with error: Timed out. IKE Version: 1, VPN: REDKNEE Gateway: REDKNEE-GW, Local: 201.x.x.x/50 0, Remote: 72.y.y.y/500, Local IKE-ID: Not-Available, Remote IKE-ID: Not-A vailable, VR-ID: 0: Role: Initiator
Jan 17 01:00:21 MXHJUNFW1 kmd[11563]: KMD_VPN_TS_MISMATCH: Traffic-selector mis match, vpn name: ipsec-vpn-Cierto_GDL, Peer Proposed traffic-selector local-ip: ipv4(201.y.y.y), Peer Proposed traffic-selector remote-ip: ipv4(20.1.0.0- 20.x.255.255)
Jan 17 01:00:21 MXHJUNFW1 kmd[11563]: KMD_VPN_TS_MISMATCH: Traffic-selector mis match, vpn name: ipsec-vpn-Cierto_GDL, Peer Proposed traffic-selector local-ip: ipv4(201.157.127.171), Peer Proposed traffic-selector remote-ip: ipv4(13.84.55. 137)
Jan 17 01:00:21 MXHJUNFW1 kmd[11563]: IPSec negotiation failed with error: Peer proposed traffic-selectors are not in configured range. IKE Version: 1, VPN: ip sec-vpn-Cierto_GDL Gateway: ike-gate-Cierto_GDL, Local: 201.a.a.a/500, Rem ote: 189.b.b.b/500, Local IKE-ID: 201.a.a.a, Remote IKE-ID: 189.b.b.b, VR-ID: 0
Jan 17 01:00:21 MXHJUNFW1 kmd[11563]: IPSec negotiation failed with error: Peer proposed traffic-selectors are not in configured range. IKE Version: 1, VPN: ipsec-vpn-Cierto_GDL Gateway: ike-gate-Cierto_GDL, Local: 201.a.a.a/500, Remote: 189.b.b.b/500, Local IKE-ID: 201.a.a.a, Remote IKE-ID: 189.b.b.b, VR-ID: 0
Jan 17 01:00:25 MXHJUNFW1 kmd[11563]: KMD_VPN_TS_MISMATCH: Traffic-selector mismatch, vpn name: ipsec-vpn-Cierto_GDL, Peer Proposed traffic-selector local-ip: ipv4(201.a.a.a), Peer Proposed traffic-selector remote-ip: ipv4(13.z.z.z)
could you please tell what is the issue, how to solve this and how to approach.
Thanks
Rakesh
------------------------------
Rakesh A
------------------------------