Hi All,
I am getting the following log though the site to site vpn tunnel between two peers is still up and running fine without any complaints.
Also I checked the interesting traffic (ACL) config and it is same at both ends.
Jun 11 16:10:22 utc: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 209.171.xxx.xx
Jun 11 16:11:22 utc: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 209.171.xxx.xx
Jun 11 16:12:22 utc: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at 209.171.xxx.xx
#sh cry ipse sa peer 209.171.xxx.xx
interface: GigabitEthernet0/1
Crypto map tag: VPNMAP, local addr. 65.55.xxx.xx
protected vrf:
local ident (addr/mask/prot/port): (65.55.xxx.xxx/255.255.255.255/6/0)
remote ident (addr/mask/prot/port): (208.38.xxx.xxx/255.255.255.255/6/5812)
current_peer: 209.171.xxx.xx:500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 8561, #pkts encrypt: 8561, #pkts digest 8561
#pkts decaps: 4291, #pkts decrypt: 4291, #pkts verify 4291
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 2, #recv errors 0
local crypto endpt.: 65.55.xxx.xx, remote crypto endpt.: 209.171.xxx.xx
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/1
current outbound spi: 0
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
protected vrf:
local ident (addr/mask/prot/port): (65.55.xxx.xxx/255.255.255.255/6/0)
remote ident (addr/mask/prot/port): (208.38.xxx.xxx/255.255.255.255/6/5812)
current_peer: 209.171.xxx.xx:500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 3424641, #pkts encrypt: 3424641, #pkts digest 3424641
#pkts decaps: 3760696, #pkts decrypt: 3760696, #pkts verify 3760696
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 3, #recv errors 0
local crypto endpt.: 65.55.xxx.xx, remote crypto endpt.: 209.171.xxx.xx
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/1
current outbound spi: 57140C90
inbound esp sas:
spi: 0x96137A67(2517858919)
transform: esp-3des esp-sha-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 8127, flow_id: 1039, crypto map: VPNMAP
sa timing: remaining key lifetime (k/sec): (4513759/2293)
IV size: 8 bytes
replay detection support: Y
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0x57140C90(1460931728)
transform: esp-3des esp-sha-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 8128, flow_id: 1040, crypto map: VPNMAP
sa timing: remaining key lifetime (k/sec): (4513740/2293)
IV size: 8 bytes
replay detection support: Y
outbound ah sas:
outbound pcp sas:
protected vrf:
local ident (addr/mask/prot/port): (65.55.xxx.xxx/255.255.255.255/6/0)
remote ident (addr/mask/prot/port): (208.38.xxx.xxx/255.255.255.255/6/5812)
current_peer: 209.171.xxx.xx:500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 117, #pkts encrypt: 117, #pkts digest 117
#pkts decaps: 115, #pkts decrypt: 115, #pkts verify 115
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 3, #recv errors 0
local crypto endpt.: 65.55.xxx.xx, remote crypto endpt.: 209.171.xxx.xx
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/1
current outbound spi: 0
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
Can someone please suggest me what to do to stop these logs.
Jopeti.