Hi
I am receiving the error "IKE gateway configuration lookup failed during negotiation" in the kmd-logs.
Does anyone know what specifically causes this IKE error?
I can not find the cause of the error in the tunnel events
https://www.juniper.net/documentation/en_US/junos/topics/reference/general/security-ipsec-vpn-tunnel-event.html
I have checked the config between the 2 sites (Peer is a Palo Alto device) multiple times, and the configurations are the same. There is routing between external interfaces as well.
My Config
root@Brach-1# show security ike
proposal TEST-PROPOSAL {
authentication-method pre-shared-keys;
dh-group group20;
authentication-algorithm sha-384;
encryption-algorithm aes-256-cbc;
lifetime-seconds 180;
}
policy TEST-Policy {
mode main;
proposals TEST-PROPOSAL;
pre-shared-key ascii-text "$9$equvX7dbs4JGVb"; ## SECRET-DATA
}
gateway TEST-GW {
ike-policy TEST-Policy;
address 192.168.100.2;
external-interface ge-0/0/1.0;
}
[edit]
root@Brach-1# show security ipsec
proposal TEST-Proposal {
protocol esp;
authentication-algorithm hmac-sha-256-128;
encryption-algorithm aes-256-cbc;
lifetime-seconds 600;
}
policy TEST-Policy {
perfect-forward-secrecy {
keys group20;
}
proposals TEST-Proposal;
}
vpn TEST-VPN {
bind-interface st0.0;
ike {
gateway TEST-GW;
ipsec-policy TEST-Policy;
}
establish-tunnels immediately;
}
Regards
Oscar