external interface - auto vs. fixed speed
T15 12.5U1
After changing my external interface from auto to 100Mbit/s full duplex and keep getting the below error:
=2) from Peer 1.1.1.1:500 ******** Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)Received IKEv2 "INFO request" message with message-ID:8 length:80 SPI[i=a52cbb746a027560 r=d71e44dd48d9dadb] Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)"INFO request" message has 1 payloads [ ENCR(sz=52)] Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)Got IKE policy 'HQAarhus' from ikeSA(0x107424b8 id:a66150a8 state:'MATURE') Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)recv a duplicated request msg, but could not find the response retry object with msgId(8) Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)Dropped IKEv2 INFORMATIONAL message from 1.1.1.1:500. Gateway-Endpoint='HQAarhus'. Reason=Invalid message ID in INFO request message. msg_id="021A-0005" Debug
2019-09-01 18:13:22 iked (83.91.114.134<->1.1.1.1)ike_process_pkt: ProcessData returned error (-1) Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)'DPD request' message created successfully. length:80 Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)Sent out DPD request message (msgId=11) from 83.91.114.134:500 to 1.1.1.1:500 for 'HQAarhus' gateway endpoint successfully. Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)ikeSA(0x107424b8)'s msgIdSend is updated: 11 -> 12 Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)******** RECV an IKE packet at 83.91.114.134:500(socket=14 ifIndex=2) from Peer 1.1.1.1:500 ******** Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)Received IKEv2 "INFO response" message with message-ID:11 length:80 SPI[i=a52cbb746a027560 r=d71e44dd48d9dadb] Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)"INFO response" message has 1 payloads [ ENCR(sz=52)] Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)Got IKE policy 'HQAarhus' from ikeSA(0x107424b8 id:a66150a8 state:'MATURE') Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)"INFO response" message has 0 payloads [] Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)IKEv2 "INFO response"'s decrypted message contains 0 payloads [] Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)dispatch the received INFO response message - IkeSA(0x107424b8)'s state=MATURE Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)Received the DPD response from 1.1.1.1:500 for gateway(HQAarhus), msgId=11 Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)ike2_P1StatusChange: notify ikePcy(HQAarhus ver#2)'s status becomes "UP" (ikeSA=0x107424b8) Debug
2019-09-01 18:13:25 iked (83.91.114.134<->1.1.1.1)stop the retry object(0x10743a18) for the previous request message(name=DPD request, msgId=11) Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)******** RECV an IKE packet at 83.91.114.134:500(socket=14 ifIndex=2) from Peer 1.1.1.1:500 ******** Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)Received IKEv2 "INFO request" message with message-ID:8 length:80 SPI[i=a52cbb746a027560 r=d71e44dd48d9dadb] Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)"INFO request" message has 1 payloads [ ENCR(sz=52)] Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)Got IKE policy 'HQAarhus' from ikeSA(0x107424b8 id:a66150a8 state:'MATURE') Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)recv a duplicated request msg, but could not find the response retry object with msgId(8) Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)Dropped IKEv2 INFORMATIONAL message from 1.1.1.1:500. Gateway-Endpoint='HQAarhus'. Reason=Invalid message ID in INFO request message. msg_id="021A-0005" Debug
2019-09-01 18:13:52 iked (83.91.114.134<->1.1.1.1)ike_process_pkt: ProcessData returned error (-1) Debug
Remote T35 said:
2019-09-01 18:28:49 iked (1.1.1.1<->83.91.114.134)recv a duplicated request msg, but could not find the response retry object with msgId(27) Debug
2019-09-01 18:28:49 iked (1.1.1.1<->83.91.114.134)Dropped IKEv2 INFORMATIONAL message from 83.91.114.134:500. Gateway-Endpoint='RobertPrivatNew'. Reason=Invalid message ID in INFO request message. msg_id="021A-0005" Debug
Rekeying gives me:
2019-09-01 19:23:48 iked (83.91.114.134<->1.1.1.1)Dropped IKEv2 IKE_AUTH request message from 1.1.1.1:500. Received unexpected message. NegRole:0 IKE-Policy:'HQAarhus'
Rekeying and rebooting both ends do not help.
Changing back my external interface to auto solves it.
Comments
ahh, most likely because i was getting rx-short-frame-errors and crc errors on the interface while running 100/full, even though both ends rapported 100/full.