PrepAway - Latest Free Exam Questions & Answers

Which is NOT likely reason for the failure?

You are looking at the event log of the responding device and it says Rejected an initial Phase 1 packet from an unrecognized peer gateway Which is NOT likely reason for the failure?

PrepAway - Latest Free Exam Questions & Answers

A.
Local ID misconfigured

B.
Gateway address misconfigured

C.
Outing Interface misconfigured

D.
Security proposals misconfigured

Explanation:
According to junipers knowledgebase there are several possible causes for this:
* This can be an indication that the IKE ID of the NetScreen-Remote client does not match the IKE ID of the Dial Up User configuration on the NetScreen gateway. Resolution: Verify the IKE ID of both NetScreen-Remote client and Dial Up VPN User, and make sure the two match
* Peer gateway address misconfigured when configuring the IKE Gateway. Resolution: Correct the gateway address on the remote side
* Peer ID misconfigured. The if remote end has a dynamic IP address, then the peer ID is misconfigured. Basically, the peer id that was received in the phase 1 negotiation does not match the peer id in the ike configuration.
Resolution: Modify the peer id on the local device and the local id on the remote device so they are the same
* Wrong outgoing interface defined in the IKE Phase 1 gateway. Resolution: Modify the outgoing interface in phase 1 so it matches the interface that the IKE negotiation will be going out of.


Leave a Reply