10-28-2015 04:11 PM
We have connected several branch offices using PA200 and PA500 with ipsec tunnels to a PA3020 at our corporate office.
The corporate server is registering similare errors twice every 3 seconds. The error:
IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP xxx.xxx.xxx.xxx[52402], ID ipaddr:yyy.yyy.yyy.yyy.
and
IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP xxx.xxx.xxx.xxx[24211], ID ipaddr:yyy.yyy.yyy.yyy.
The only difference is the number in brackets following the peer IP address.
We have a remote site with an IP address of xxx.xxx.xxx.xxx but its tunnels are up and the yyy.yyy.yyy.yyy sddress cannot be found anywhere in the configurations. The yyy.yyy.yyy.yyy IP address cannot be located in the corporate firewall either.
How can I determine where the request iscoming from so I can stop it?
What do the numbers in the brackets following the peer IP address mean?
