Wireless Access

Reply
Highlighted
Occasional Contributor I

Wrong passwords between MC and MM / MM and MM

how can i troubleshoot this issue and find the root cause

 

Wrong passwords between MC and MM

 

OR MM and MM

Highlighted

Re: Wrong passwords between MC and MM / MM and MM

In your Mobility Master (MM) there will be a line(s) in the configuration for each of the Mobility Controllers (MCs):

!
localip <controller-ip> ipsec ******

 To find it easier and to de-encrypt the ipsec PSK try this:

cd /mm
encrypt disable
show configuration effective | include localip

Try setting this PSK to what you configured during the full-setup phase of the controller. 

 

For the MM redundancy (MM to MM)  the ipsec key is configured under 'master-redundancy'. Look for the following:

peer-ip-address <MM-peer> ipsec <ipsec-key>

This needs to be the same at both MMs.

Remember to 'encrypt enable' when you're done. 

Highlighted
Occasional Contributor I

Re: Wrong passwords between MC and MM / MM and MM

how can i check the error by the debug ???

Highlighted

Re: Wrong passwords between MC and MM / MM and MM

As it's IPsec auth failure you would be looking for IKE failure in the ipsec related debug logs. One of these will do the trick:

 

logging security process crypto level debugging
logging security subcat ike level debugging
logging security process authmgr level debugging

 

 

Maybe something like this: <6280> <DBUG> |ike| 10.10.10.99:500-> I <-- Notify: AUTHENTICATION_FAILED (IKE)

Remember to turn off debug level logging after you're finished.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: