Home/Support/Support Forum/IKE negotiation failed. Peer retries exceeded
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

IKE negotiation failed. Peer retries exceeded

0 votes
I am trying to configure Digi Transport WR21 to be an initiator using IPSec to Cisco CSR1000v on Cloud as a responder

However, here is the event log on Digi Router

23:52:17, 02 Oct 2019,IKE Request Received From Eroute 2
23:52:14, 02 Oct 2019,ASY 5 Transmit Watchdog
23:52:07, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:57, 02 Oct 2019,(242) New Phase 1 IKE Session X.X.X.X,Initiator
23:51:57, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:57, 02 Oct 2019,(241) IKE SA Removed. Peer: ,Negotiation Failure
23:51:57, 02 Oct 2019,(241) IKE Negotiation Failed. Peer: ,Retries Exceeded
23:51:47, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:37, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:27, 02 Oct 2019,(241) New Phase 1 IKE Session X.X.X.X,Initiator
23:51:27, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:27, 02 Oct 2019,(240) IKE SA Removed. Peer: ,Negotiation Failure
23:51:27, 02 Oct 2019,(240) IKE Negotiation Failed. Peer: ,Retries Exceeded
23:51:24, 02 Oct 2019,ASY 5 Transmit Watchdog
23:51:17, 02 Oct 2019,IKE Request Received From Eroute 2
23:51:07, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:57, 02 Oct 2019,(240) New Phase 1 IKE Session X.X.X.X,Initiator
23:50:57, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:57, 02 Oct 2019,(239) IKE SA Removed. Peer: ,Negotiation Failure
23:50:57, 02 Oct 2019,(239) IKE Negotiation Failed. Peer: ,Retries Exceeded
23:50:47, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:37, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:34, 02 Oct 2019,ASY 5 Transmit Watchdog
23:50:27, 02 Oct 2019,(239) New Phase 1 IKE Session X.X.X.X,Initiator
23:50:27, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:27, 02 Oct 2019,(238) IKE SA Removed. Peer: ,Negotiation Failure
23:50:27, 02 Oct 2019,(238) IKE Negotiation Failed. Peer: ,Retries Exceeded
23:50:17, 02 Oct 2019,IKE Request Received From Eroute 2
23:50:07, 02 Oct 2019,IKE Request Received From Eroute 2


Can somebody help me to resolve this and check what may be the possible reason it causes this error?

Thanks
asked Oct 3, 2019 in Digi TransPort by kpgsuyat New to the Community (0 points)

Please log in or register to answer this question.

2 Answers

0 votes
Hello!

It looks like it is failing IKE Phase 1. I would double-check your IKE phase 1 matches. Keep in mind, if you are using Main mode then there are additional steps needed to negotiate IKE ID with PSK.

Another new user with the IPv4 address of the W-WAN interface with the PSK. This will total two (2) users. 1 for Phase 1 and 1 for phase 2.
answered Jan 3 by digi.jpac Community Contributor (65 points)
0 votes
Hi,
Based on the time stamps and events, it looks like the Cisco is not responding to the WR's IKE negotiation, or, the IKE response is not getting back to the WR. You should check the logs and debug on the Cisco.

Kind regards,
Ben - Digi Support
answered Jan 7 by bengartland Seasoned Professional (165 points)
...