01-28-2021 11:50 AM
Working with PA 5250 and ASA on the other end. The tunnel between is up and communication flows across however we are seeing constant system errors being logged.
When we enable the tunnel we get the following.
IKEv2 child SA negotiation is succeeded as initiator, non-rekey. Established SA: x.x.x.x[500]-y.y.y.y[500] message id:0x00000C44, SPI:0xDB7C2CCE/0x2C52FBD3.
IKEv2 child SA negotiation is failed as initiator, non-rekey. Failed SA: x.x.x.x[500]-y.y.y.y[500] message id:0x00000B7A. Error code 19
The failed message keeps repeating approx. every 8 sec. In examining the ikev2 settings we do not see any disparities between the two routers--
We have seen these messages however between these two peers
IKEv2 SA negotiation is failed, received notify type ESP_TFC-PADDING_NOT_SUPPORTED
IKEv2 SA negotiation is failed, received notify type NON_FIRST_FRAGMENTS_ALSO
Can anyone shed some light?
Thanks in Advance
