Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1921
Views
0
Helpful
1
Replies

Ipv6 Link-Local Address Support in IPsec Configurations.

Sandeep HM
Level 1
Level 1

‎04-19-2016 03:57 AM - edited ‎03-01-2019 05:50 PM

Hi everyone,

I am facing an issue where there are 2 machines communicating over IPsec v1 tunnel. The issue i am facing is that Phase 2 negotiation is failing when one of the node is configured with a Rule having Link-Local address.

So is this a limitation of IPSec that it will not support Link-Local address communications.

and also tried with Global-Unicast Address where in SA's are getting established and the connection is secured.

IPSec VPN : bgw-vpn-vpniu-ipv6
Owner : /IPSecRedundantVPNU
Template : bgw-vpn-vpniu-ipv6
Local address : 2a00:8a00:8000:a000:0:d:111c:5
Remote address : 2a00:8a00:8000:10a::2
VRF instance : default

------------------------------------------------------------------------

IPSec Rule : bgw-vpn-vpniu-ipv6
Owner : /IPSecRedundantVPNU
Source address : fe80::/10
Destination address : 2a00:8a00:8000:10a::2/128
Protocol : 0
Action : esp
VPN : bgw-vpn-vpniu-ipv6
Source port : 0
Destination port : 0
Mode : tunnel
Direction : both
VRF instance : default

Regards,

Sandeep

Labels:
0 Helpful
1 Reply 1

oketchsam1001
Level 1
Level 1

‎04-20-2016 01:24 AM

yap am also facing it. any way forward?

0 Helpful
Customers Also Viewed These Support Documents