Question 36 of 56 from exam 300-730-SVPN: Implementing Secure Solutions with Virtual Private Networks
Question
![*Nov 26 @@:52:20.002: IKEv2:(SESSION ID = 1,SA ID = 1):Received Packet [From 10.10.10.1:500/To 10.10.10.2:500/VRF i0:f0]
Initiator SPI : D5684E1462991856 - Responder SPI : 2162145C95256F6A Message id: 1
IKEv2 IKE_AUTH Exchange RESPONSE
*Nov 26 0@:52:20.002: IKEv2-PAK:(SESSION ID = 1,SA ID = 1):Next payload: ENCR, version: 2.@ Exchange type: IKE_AUTH, flags: RESPONDER MSG-RESPONSE Message id: 1, length: 236
Payload contents:
VID Next payload: IDr, reserved: @x@, length: 20
IDr Next payload: AUTH, reserved: @x@, length: 12
Id type: IPv4 address, Reserved: @x@ @x@
AUTH Next payload: SA, reserved: @x@, length: 28
Auth method PSK, reserved: @x®@, reserved: @x@
SA Next payload: TSi, reserved: @x@, length: 40
last proposal: @x@, reserved: @x@, length: 36
Proposal: 1, Protocol id: ESP, SPI size: 4, #trans: 3 last transform: @x3, reserved: @x@: length: 8
type: 1, reserved: @x@, id: 3DES
last transform: 6x3, reserved: @x@: length: 8
type: 3, reserved: @x@, id: SHA96
last transform: @x@, reserved: @x@: length: 8
type: 5, reserved: @x@, id: Don’t use ESN
TSi Next payload: TSr, reserved: @x@, length: 24
Num of TSs: 1, reserved @x®@, reserved @x@
TS type: TS_IPV4_ADDR_RANGE, proto id: @, length:
start port: @, end port: 65535
start addr: 30.30.30.6, end addr: 30.30.30.255
TSr Next payload: NOTIFY, reserved: @x@, length: 24
Num of TSs: 1, reserved @x@, reserved @x@
TS type: TS_IPV4_ADDR_RANGE, proto id: @, length: 16
start port: @, end port: 65535
start addr: 20.20.20.0, end addr: 20.20.20.255
NOTIFY(SET_WINDOW_SIZE) Next payload: NOTIFY, reserved: @x@, length: 12
Security protocol id: Unknown - @, spi size: 6, type: SET_WINDOW_SIZE
NOTIFY(ESP_TFC_NO_SUPPORT) Next payload: NOTIFY, reserved: @x®@, length: 8
Security protocol id: Unknown - @, spi size: @, type: ESP_TFC_NO_SUPPORT
NOTIFY(NON_FIRST_FRAGS) Next payload: NONE, reserved: @x@, length: 8
Security protocol id: Unknown - @, spi size: 6, type: NON_FIRST_FRAGS
*Nov 26 00:52:20.003: IKEv2:(SESSION ID = 1):Process auth response notify
*Nov 352: : IKEv2:(SESSION ID = 1):Searching policy based on peer’s identity ‘10.10.10.1’ of type ‘IPv4 address’
*Nov IKEv2-ERROR: (SESSION SA ID = 1):: Failed to locate an item in the database
IKEv2: (SESSION ID = = 1):Verification of peer’s authentication data FAILED
IKEv2: (SESSION ID = = 1):Auth exchange failed
IKEv2-ERROR: (SESSION SA ID = 1):: Auth exchange failed
IKEv2: (SESSION ID 1):Abort exchange
: IKEv2:(SESSION ID 1):Deleting SA](https://eaeastus2.blob.core.windows.net/optimizedimages/static/images/Implementing-Secure-Solutions-with-Virtual-Private-Networks-(SVPN-300-730)/question/img0003000001.png)
Refer to the exhibit.
The IKEv2 site-to-site VPN tunnel between two routers is down.
Based on the debug output, which type of mismatch is the problem?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.