Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
455
Views
0
Helpful
3
Replies

Random Public Addresses coming through ESP

booftw
Level 1
Level 1

‎01-22-2019 09:58 AM

Setting up a point to point tunnel with a new vendor. We have an ASA and they are using a Juniper. The tunnel is up and established, he's showing 2 way encrypted traffic when I ping. I'm only showing tx traffic from my pings, when he pings my side I receive this in the logs: 

 

IPSEC: Received an ESP packet (SPI= 0xB4089FFC, sequence number= 0xD7) from x.x.x.x (user= x.x.x.x) to x.x.x.x.  The decapsulated inner packet doesn't match the negotiated policy in the SA.  The packet specifies its destination as 3da8:3c1a:6942:4c0a:fcec:d89a:5614:c62, its source as 4aac:c0c:56de:a2ed:f91d:816e:8660:be47, and its protocol as 255.  The SA specifies its local proxy as x.x.x.x/255.255.255.255/ip/0 and its remote_proxy as x.x.x.x/255.25

 

It's a series of random ipv6 and sometimes ipv4 addresses, they're always different with each ping. Has anyone experienced this before?

Labels:
0 Helpful
3 Replies 3

Sheraz.Salim
VIP
VIP

‎01-22-2019 10:20 AM

could be they using a dual stack or mixture of any ipv4 or ipv6 at the same time.

please do not forget to rate.
0 Helpful

booftw
Level 1
Level 1
In response to Sheraz.Salim

‎01-22-2019 10:36 AM

They have confirmed that they are not using any ipv6 addressing on their end, shared some of the logs and they have no idea where those addresses are coming from. Looked up some of the ipv4 addresses on arin and they are from net360, APNIC, IANA reservered, USAISC, etc. No idea how this traffic is getting encapsulated and sent over to us. 

0 Helpful

Sheraz.Salim
VIP
VIP
In response to booftw

‎01-22-2019 10:45 AM

does your and remote site have same phase1 and phase2 setting with mirror ACL?

please do not forget to rate.
0 Helpful
Customers Also Viewed These Support Documents