In diesem Artikel wird der Tunnelaufbau
- zwischen einer Fortigate 30 über den LTE Router Vodafone B2000 auf der einen
- und der Palo Alto auf der anderen Seite beschrieben.
Tunnel aufgebaut – Logfile der Palo Alto
Die letzte Meldung der Tunnelmonitors an der Palo Alto :
tunnel-status-down
Tunnel T244_LTE1:PXYID1 is down
ike-nego-p1-start
IKE phase-1 negotiation is started as responder, aggressive mode. Initiated SA: 185.9.110.39[500]-90.186.8.0[500] cookie:eb73b6d1c9de1f42:f7300780a51502b6. )
ike-nego-p1-succ
IKE phase-1 negotiation is succeeded as responder, aggressive mode. Established SA: 185.9.110.39[500]-90.186.8.0[500] cookie:eb73b6d1c9de1f42:f7300780a51502b6 lifetime 28800 Sec. )
ike-nego-p2-start
IKE phase-2 negotiation is started as responder, quick mode. Initiated SA: 185.9.110.39[500]-90.186.8.0[500] message id:0x82A12AEB.
ike-nego-p2-succ
IKE phase-2 negotiation is succeeded as responder, quick mode. Established SA: 185.9.110.39[500]-90.186.8.0[500] message id:0x82A12AEB, SPI:0xB005773E/0x3CD8C44F. )
ipsec-key-install
IPSec key installed. Installed SA: 185.9.110.39[500]-90.186.8.0[500] SPI:0xB005773E/0x3CD8C44F lifetime 3600 Sec lifesize unlimited. )
ike-send-p2-delete
IKE protocol IPSec SA delete message sent to peer. SPI:0xF48C19C7. )
ipsec-key-delete
IPSec key deleted. Deleted SA: 185.9.110.39[500]-90.186.8.0[500] SPI:0xF48C19C7/0x93CFA7C6. )
tunnel-status-up
Tunnel T244_LTE1:PXYID1 is up