DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

IKEv2 VPN 2962 IKE Authentication credentials are unacceptable

trentservices
Topic Author
User

05 Jun 2024 10:51 #1 by trentservices

IKEv2 VPN 2962 IKE Authentication credentials are unacceptable was created by trentservices

Hi,
just changed over to the 2962 and setup the ikev2 vpn for users. managed to get the rules to work but other traffic would not come in. Anyway I have addressed this and managed to get it all connecting as it should.
Changed the lan ip and connected the new WAN. ALl traffic seems to be fine apart from now no VPN user can connect. I have confirmed the username and password and tried a few others. the Cert is installed on the the laptop/desktop as it was when it worked.
syslog:
DrayTek: ## IKEv2 DBG : INFORMATIONAL OUT : Try to send Delete SA payload but #53 status STATE_PARENT_R2 is NOT established
DrayTek: ## IKEv2 DBG : IKE SA #53:STATE_PARENT_R2 is going to be deleted, delete its CHILD SA #54:STATE_EAP_CONTINUE
DrayTek: ## IKEv2 DBG : EAP_START : Create Child SA #54, IKE SA is #53
DrayTek: ## IKEv2 DBG : EAP_START : Receive IKEv2 Notify IKEv2_MOBIKE_SUPPORTED[16396]
DrayTek: ## IKEv2 DBG : EAP_START : Always send My Certificate
DrayTek: ## IKEv2 DBG : IKESA inI2_outR2_F : Peer requests EAP ...
DrayTek: ## IKEv2 DBG : Reassembly : parse payload failed
DrayTek: ## IKEv2 DBG : Missing payload : 0x40
DrayTek: ## IKEv2 DBG : Received IKEv2 Notify IKEv2_MOBIKE_SUPPORTED[16396]
DrayTek: ## IKEv2 DBG : Reassembly : frag buffer size 12800
DrayTek: ## IKEv2 DBG : Reassembly : recv 3/3 Encrypted Fragmentation packets
DrayTek: ## IKEv2 DBG : Recv IKEv2_AUTH[35] Request msgid 1 from XXX.XXX.XXX.XXX, Peer is IKEv2 Initiator
DrayTek: ## IKEv2 DBG : Recv IKEv2_AUTH[35] Request msgid 1 from XXX.XXX.XXX.XXX, Peer is IKEv2 Initiator
DrayTek: ## IKEv2 DBG : Recv IKEv2_AUTH[35] Request msgid 1 from XXX.XXX.XXX.XXX, Peer is IKEv2 Initiator
DrayTek: ## IKEv2 DBG : IKESA inI1_outR1 : Responding IKE SA to XXX.XXX.XXX.XXX
DrayTek: ## IKEv2 DBG : frag_v2n : enable IKEv2_EXT_FRAGMENTATION[16430]
DrayTek: ## IKEv2 DBG : NAT_T Lookup : Peer is behind NAT
DrayTek: ## IKEv2 DBG : IKESA inI1_outR1 : Create IKE SA #53
DrayTek: ## IKEv2 DBG : Received IKEv2 Notify IKEv2_NAT_DETECTION_DESTINATION_IP[16389]
DrayTek: ## IKEv2 DBG : Received IKEv2 Notify IKEv2_NAT_DETECTION_SOURCE_IP[16388]
DrayTek: ## IKEv2 DBG : Received IKEv2 Notify IKEv2N_FRAGMENTATION_SUPPORTED[16430]
DrayTek: ## IKEv2 DBG : Recv IKEv2_SA_INIT[34] Request msgid 0 from XXX.XXX.XXX.XXX, Peer is IKEv2 Initiator

Please Log in or Create an account to join the conversation.

trentservices
Topic Author
User

05 Jun 2024 11:43 #2 by trentservices

Replied by trentservices on topic Re: IKEv2 VPN 2962 IKE Authentication credentials are unacceptable

resolved, seemed I had the ip address assigned to the cert. now it will connect but disconnects after 20 seconds.

Please Log in or Create an account to join the conversation.