%CRYPTO-4-IKMP_NO_SA@message

d.beppu · ‎12-25-2001

Hello,

We are using two IOS routers ( Cisco 1720 and

Cisco 7206VXR, both IOS versions are 12.1(3) )

for peer-to-peer VPN communications.

Both routers are set the IKE authentication method

to RSA-encrypted nonces. (authentication rsa-encr)

For a few months, VPN connections between the both

routers were OK.

But few days ago, the VPN connection was diconnected

suddenly, and the one router (Cisco 7206VXR) generated

the log below.

Dec 23 20:06:20: %CRYPTO-4-IKMP_NO_SA:

IKE message from xxx.xxx.xxx.xxx has no SA

and is not an initialization offer

We did not work on the two routers just before

the accident.

Any reasons for this?

Thank you.

a-vazquez · ‎01-02-2002

Possibly a hack attempt? Strange. Did the tunnel come back up?

errol.simon · ‎01-09-2002

Did you get any joy resolving this problem?

pdentico · ‎01-09-2002

Check the clocks. I had a router that when it rebooted the NTP failed and it would not reconnect.

(Just a thought)

d.beppu · ‎01-17-2002

Yes, the tunnel came back up by reconfiguring

the whole VPN config manually as before.

I know that VPN settings of routers are

sensitive to the clocks, but the clocks

have been working correctly.

Strange.

%CRYPTO-4-IKMP_NO_SA@message