IPSec IKE Logging
I have multiple VPNs set up on multiple firewalls, and they all throw logs constantly to the IKE_LOG with the following information:
The cookie pair is : 0x958dcb0ce7d072c5 / 0xe561d6849efb9191
Nothing bad is happening, but the logs are constant and these seem to be popping in every few seconds or faster. I don't know if I have a misconfiguration or if that's how the logs are supposed to look?
All Replies
The cookie pair is for identifying different VPN tunnels. The cookie ID is a public key for exchanging with the peer site when building a VPN tunnel. If your VPN tunnels are working without any problem, you can ignore this kind of log, because it comes from the VPN health check mechanism in the phase 1 settings (Dead Peer Detection).

Is it normal for it to pop up every second or so per tunnel?

Hi @BMS
The VPN tunnel will have a unique cookie ID while the VPN tunnel is established. As @CHS mentioned, it is for identifying different VPN tunnels.
You may refer to this screenshot: even with the same source IP address, a different cookie ID is used:
Tunnel#1: 0x5f217166560929ce(X.228.34.4) & 0xeadfa01732e2510f(X.247.131.54)
Tunnel#2: 0x4fecef857d208395(X.228.34.4) & 0x3a6b6bcaf6d2a404(X.222.75.14)
The cookie pair entries come from the DPD function. They occur at the same time as "R_U_There" and "R_U_There_ACK". It is a connectivity check to prevent zombie tunnels.
If your tunnel has no stability issues, you can ignore this log.
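
One way to check whether these entries are steady per-tunnel DPD chatter, as an added example that is not from the thread or from the vendor: it groups the messages by cookie pair and reports how often each pair appears and the median gap between entries. The timestamp prefix and the sample lines are constructed assumptions; only the "The cookie pair is : ..." message text and the cookie values come from the posts above.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample. The timestamp layout is an assumption; adjust LINE_RE
# to match the prefix your firewall or syslog collector actually writes.
SAMPLE_LOG = """\
2024-01-01 10:00:00 The cookie pair is : 0x958dcb0ce7d072c5 / 0xe561d6849efb9191
2024-01-01 10:00:01 The cookie pair is : 0x5f217166560929ce / 0xeadfa01732e2510f
2024-01-01 10:00:15 The cookie pair is : 0x958dcb0ce7d072c5 / 0xe561d6849efb9191
2024-01-01 10:00:16 The cookie pair is : 0x5f217166560929ce / 0xeadfa01732e2510f
2024-01-01 10:00:30 The cookie pair is : 0x958dcb0ce7d072c5 / 0xe561d6849efb9191
2024-01-01 10:00:31 Some unrelated log line
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) .*?"
    r"cookie pair is\s*:\s*(?P<a>0x[0-9a-fA-F]{16})\s*/\s*(?P<b>0x[0-9a-fA-F]{16})"
)

def summarize(text):
    """Return {(cookie_a, cookie_b): {"count": n, "median_gap_s": seconds}}."""
    seen = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a cookie-pair entry
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        seen[(m["a"].lower(), m["b"].lower())].append(ts)

    report = {}
    for pair, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        report[pair] = {
            "count": len(stamps),
            "median_gap_s": median(gaps) if gaps else None,
        }
    return report

if __name__ == "__main__":
    for pair, stats in summarize(SAMPLE_LOG).items():
        print(pair[0], "/", pair[1], stats)
```

A small, fixed set of pairs repeating at a regular interval is consistent with the DPD explanation given in the replies.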