hay@srx-hay> show security ike security-associations detail IKE peer 172.20.20.1, Index 6249886, Gateway Name: gw_wizard_dyn_vpn Role: Responder, State: UP Initiator cookie: 688f6040f2700f33, Responder cookie: b6f7da5d5d867f4f Exchange type: Aggressive, Authentication method: Pre-shared-keys Local: 172.20.20.2:500, Remote: 172.20.20.1:64529 Lifetime: Expires in 28219 seconds Peer ike-id: hayvsrx-hay Xauth user-name: hayv Xauth assigned IP: 10.1.0.1 Algorithms: Authentication : hmac-sha1-96 Encryption : aes128-cbc Pseudo random function: hmac-sha1 Diffie-Hellman group : DH-group-2 Traffic statistics: Input bytes : 8315 Output bytes : 10076 Input packets: 82 Output packets: 90 Flags: IKE SA is created IPSec security associations: 1 created, 0 deleted Phase 2 negotiations in progress: 0 Negotiation type: Quick mode, Role: Responder, Message ID: 0 Local: 172.20.20.2:500, Remote: 172.20.20.1:64529 Local identity: 172.20.20.2 Remote identity: hayvsrx-hay Flags: IKE SA is created hay@srx-hay> show security ipsec security-associations detail ID: 268173313 Virtual-system: root, VPN Name: wizard_dyn_vpn Local Gateway: 172.20.20.2, Remote Gateway: 172.20.20.1 Local Identity: ipv4_subnet(any:0,[0..7]=192.168.0.0/24) Remote Identity: ipv4(any:0,[0..3]=10.1.0.1) Version: IKEv1 DF-bit: clear Policy-name: policy_in_wizard_dyn_vpn Port: 500, Nego#: 2, Fail#: 0, Def-Del#: 0 Flag: 608829 Tunnel Down Reason: SA not initiated Direction: inbound, SPI: 595fbe63, AUX-SPI: 0 , VPN Monitoring: - Hard lifetime: Expires in 2711 seconds Lifesize Remaining: 499987 kilobytes Soft lifetime: Expires in 2134 seconds Mode: Tunnel(0 0), Type: dynamic, State: installed Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits) Anti-replay service: counter-based enabled, Replay window size: 64 Direction: outbound, SPI: a68a08e4, AUX-SPI: 0 , VPN Monitoring: - Hard lifetime: Expires in 2711 seconds Lifesize Remaining: 499987 kilobytes Soft lifetime: Expires in 2134 seconds Mode: Tunnel(0 0), Type: dynamic, State: installed Protocol: ESP, Authentication: hmac-sha1-96, Encryption: aes-cbc (128 bits) Anti-replay service: counter-based enabled, Replay window size: 64 hay@srx-hay> show log kmd [...] [Jul 24 08:44:02]KMD_INTERNAL_ERROR: iked_ifstate_eoc_handler: EOC msg received [Jul 24 08:44:43]KMD_INTERNAL_ERROR: iked_ui_event_handler: usp ipc connection for iked show CLI was SHUTDOWN due to error in receiving msg or age out of connection or flowd going down etc. Reconnect to pfe.. [Jul 24 16:23:28]KMD_INTERNAL_ERROR: iked_ifstate_eoc_handler: EOC msg received [Jul 25 09:36:08]KMD_INTERNAL_ERROR: kmd_read_securitycfg: dax_get_object_by_path() returned FALSE, secop: 0x3025ee20. [Jul 25 09:38:52]KMD_INTERNAL_ERROR: kmd_read_securitycfg: dax_get_object_by_path() returned FALSE, secop: 0x3025ee20. [Jul 25 15:34:32]KMD_INTERNAL_ERROR: iked_ifstate_eoc_handler: EOC msg received [Jul 25 15:35:01]KMD_INTERNAL_ERROR: iked_ui_event_handler: usp ipc connection for iked show CLI was SHUTDOWN due to error in receiving msg or age out of connection or flowd going down etc. Reconnect to pfe.. [Jul 26 09:44:32]KMD_INTERNAL_ERROR: kmd_show_sa_tunnel_info: 1294: sending show info for SA: instance-INSTANCE-wizard_dyn_vpn_0002_0005_0000_268173313