PrepAway - Latest Free Exam Questions & Answers

what is causing this problem?

[edit] user@SRX-1# show security ike traceoptions file ike-trace; flag all; [edit]
user@SRX-1# show security ipsec traceoptions flag all; user@SRX-1> show log ike-trace
… Jun 13 17:00:33 :500 (Responder) -> 192.168.1.11:500 { 15276b72 6656c3b6 –
4ea713e7 d2487276 [1] / 0x9828a32e } QM; Invalid protocol_id = 0 Jun 13 17:00:34
Received authenticated notification payload unknown from local:192.168.1.10
remote:192.168.1.11 IKEv1 for P1 SA 3075335 Jun 13 17:00:34
iked_pm_ike_spd_notify_receiveD. Negotiation is already failed. Reason: TS unacceptable.
Jun 13 17:00:34 QM notification `(null)’ (40001) (size 8 bytes) from 192.168.1.11 for
protocol Reserved spi[0…3]=0f f0 ce d3 Jun 13 17:00:34 ike_st_i_private: Start Jun 13
17:00:34 ike_st_o_qm_hash_2: Start Jun 13 17:00:34 ike_st_o_qm_sa_values: Start Jun
13 17:00:34 :500 (Responder) -> 192.168.1.11:500 { 15276b72 6656c3b6 – 4ea713e7
d2487276 [1] / 0x9828a32e } QM; Error = No proposal chosen (14) Jun 13 17:00:34
ike_alloc_negotiation: Start, SA = { 15276b72 6656c3b6 – 4ea713e7 d2487276} Jun 13
17:00:34 ike_encode_packet: Start, SA = { 0x15276b72 6656c3b6 – 4ea713e7 d2487276 } /
65407839, nego = 2 Jun 13 17:00:34 ike_send_packet: Start, send SA = { 15276b72
6656c3b6 – 4ea713e7 d2487276}, nego = 2, dst = 192.168.1.11:500, routing table id = 0
Jun 13 17:00:34 ike_delete_negotiation: Start, SA = { 15276b72 6656c3b6 – 4ea713e7
d2487276}, nego = 2 Jun 13 17:00:34 ike_free_negotiation_info: Start, nego = 2 Jun 13
17:00:34 ike_free_negotiation: Start, nego = 2 Jun 13 17:00:34 IPSec negotiation failed for
SA-CFG Unknown for local:192.168.1.10, remote:192.168.1.11 IKEv1. status: TS
unacceptable Jun 13 17:00:34 P2 ed info: flags 0x0, P2 error: TS unacceptable Jun 13
17:00:34 iked_pm_ipsec_sa_done: Phase2 failed 2/3 times for P1 SA 3075335 The IPsec
tunnel is not establishing between SRX-1 and a remote device. Referring to the exhibit,
what is causing this problem?

PrepAway - Latest Free Exam Questions & Answers

A.
IKE Phase 2 proposals mismatch

B.
IKE Phase 1 IKE ID mismatch

C.
IKE Phase 1 proposals mismatch

D.
IKE Phase 2 proxy ID mismatch

Explanation:


Leave a Reply