I'm manually setting up a 7005 branch controller in 8.5 to a 7010 VPNC. I have a tunnel between the MM and the VPNC, and tunnel between the VPNC and the branch controller. But the MM show the branch as down. I added the branch to the Controllers list and the branch has the MM IP. Any clues as to where I should look next? Thanks for any help.
Thanks for the suggestion but there is no change. The branch gets an IP from the VPNC. I see ipsec tunnels to /mm and branch from the VPNC. The branch logs show
Apr 2 09:02:01 :103103: <3316> <WARN> |ike| IKE SA Deletion: IKE2_delSa peer:<IP>:4500 id:2592555168 errcode:ERR_IKESA_EXPIRED saflags:0x41000005 arflags:0x20
Thanks!
There is no firewall. In the initial setup I listed the VPNC IP. The output of 'show conf effective' show the vpn-ip as the VPNC IP. Show ip route list the VPNC IP as an ipsec map management-vpnc. Show datapath session shows limited traffic between the branch and VPNC but keeps resetting. Thanks!
Yes, very similar. I'm using public IP addresses to try to keep it simple. I only have a single VPNC. Default gw is on the same subnet. The vpn-mac-1 that I have doesn't match the VPNC mac. I'm not sure where it came from -- possibly another branch controller I had been working with. Not sure how to change that line. Thanks.
Sorry, I misread the mac address above. It is the correct mac address of the VPNC controller.
I got this working with Aruba TAC's help. Needed to use Mgmt mac address for MM and backup MM when running VPNC setup script. -- Jim
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.