Juniper IPSEC VPN not established – one possible reason

Posted on 

[edit]
LaR3@spoke-vSRX2# run show security ipsec sa
  Total active tunnels: 0

[edit]
LaR3@spoke-vSRX2# run show security ipsec inactive-tunnels
  Total inactive tunnels: 2
  Total inactive tunnels with establish immediately: 2
  ID     Port  Nego#  Fail#  Flag      Gateway          Tunnel Down Reason
  131073 500   0      0      600228    10.0.23.1        Bind interface's zone information not available
  131074 500   0      0      600228    172.16.255.1     Bind interface's zone information not available

The reason for these ipsec tunnels not being established is obvious: st0.X interfaces are not assigned to any security zone:


set security zones security-zone inet interfaces st0.0
set security zones security-zone inet interfaces st0.1

No related posts.

Posted in Ipsec, Juniper, Juniper SRX and tagged , , .

Leave a Reply

Your email address will not be published. Required fields are marked *


7 × five =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>