Digi -> Digi IPSEC VPN Drops

ChrisLawrenceNom · July 9, 2020, 10:00am

Hi

We have a S2S IPSEC tunnel betweend 2 digi WR21. The tunnel will establish and pass traffic and every now and again the tunnel drops and we get these errors in the logs.

A reboot of either side brings the tunnel back. Run a Diff on the config to make sure we’re identical on both sides and it is.

10:31:18, 08 Jul 2020,IKE Request Received From Eroute 0
10:31:18, 08 Jul 2020,(1177) IKE SA Removed. Peer: ,Negotiation Failure
10:31:18, 08 Jul 2020,(1177) IKE Negotiation Failed. Peer: ,Retries Exceeded

Anny · July 15, 2020, 5:07am

Hi Chris and welcome to Digi Forum!

The retries exceeded error means that the remote peer is not responding within the timeout for all the possible retries. So the negotiation give up.

I would suggest you to check the network connection on the remote peer to see if any traffic is possible at all or if just the IKE traffic having issues.

If you still have issues the best would be to open a case sending an email to tech.support@digi.com. Please provide IMEI of both WR21 as well as a debug.txt (https://www.digi.com/support/knowledge-base/how-to-extract-the-debug-txt-file-from-a-digi-tran) taken from both when the issue occurs.

Please also check our Support options here: https://www.digi.com/support

Best Regards

Anny
Digi Technical Support Team

Topic		Replies	Views
IKE Negotiation Failed. Peer: ,Inactivity Digi TransPort WR (Series) ipsec	1	401	March 31, 2021
IPSec - Negotiation Failure Digi TransPort WR (Series) vpn , wr21 , ipsec	3	534	March 16, 2021
IKE negotiation failed. Peer retries exceeded Digi TransPort WR (Series) ipsec	2	573	January 7, 2020
IPSec vpn tunnel down Digi TransPort WR (Series) vpn , ipsec	2	586	January 7, 2020
IPSec main mode failing connection Digi TransPort WR (Series) cisco , wr44 , ipsec	5	832	April 30, 2019

Digi -> Digi IPSEC VPN Drops

Related topics