SRX

last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  IKE negotation failed (error: 1419)

    Posted 06-05-2014 08:04
      |   view attached

    I setting up my frist dynamic vpn on a srx device. I keep running into Error 1419. I have read the following KB articles but I can't figure out what I setup incorrectly.I haven't tried to setup debugging on IKE yet because I don't really know what i would even been looking for in a detailed log.  I would appreciated if someone could take a quick look at my config. 

     

    Dynamic VPN: 'IKE Negotiations Failed' reported on Access Manager client

     

    Example: Configuring Dynamic VPN

     

     

    Attachment(s)

    txt
    configuration05062014.txt   8 KB 1 version


  • 2.  RE: IKE negotation failed (error: 1419)

    Posted 06-20-2014 06:24
      |   view attached

    I have gone through all the examples I can find but I still can't figure out what I have setup inncorrectly. I have tried rerunning the wizard and still no luck. I created detail logs from pulse but I am having trouble understanding them.

    Attachment(s)

    txt
    detaillogs.txt   50 KB 1 version


  • 3.  RE: IKE negotation failed (error: 1419)

    Posted 06-22-2014 22:49


    Hi Splendor,

     

    Configuration looks good.

     

    Are you using X.x.x.x to get connected from pulse client?

     

    Try Pulse version prior to 5.0R3 and verify the connection.

     

    is the pulse client , prompting for user authentication?

     

    Regards,
    rparthi



  • 4.  RE: IKE negotation failed (error: 1419)

    Posted 06-25-2014 11:55

    Hello! Thank you so much for the help!

     

    I was using on of the y.y.y.y/29 addresses. I use the x.x.x.x/30 for general office traffic and the y.y.y.y/29 for mail, web and ftp servers. I will give it a try on the x.x.x.x address.

     

    I will try downloading a older version of pulse.

     

    Yes pulse asks the user for their username and password once when the connection is intially setup.

     

    Thanks again for your help!



  • 5.  RE: IKE negotation failed (error: 1419)
    Best Answer

    Posted 06-26-2014 05:47

    Hi,

     

    Thanks for the update.

     

    Trying with X.X.X.X address and update me the result.

     


    Regards
    rparthi


    [Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too] .....

     

     



  • 6.  RE: IKE negotation failed (error: 1419)

    Posted 06-26-2014 15:02

    You sir an a gentlemen and a scholar. Thank you so much! Using the x.x.x.x address solved all the problems. I don't know why I never thought about it 😕



  • 7.  RE: IKE negotation failed (error: 1419)

    Posted 06-26-2014 22:21

    Hi Splendor,

     

    Could you mark this as accepted solution so that this query can be closed.

     


    Thanks & Regards,

    rparthi


    [Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too] .....



  • 8.  RE: IKE negotation failed (error: 1419)

    Posted 06-27-2014 06:10

    Solution Marked, Thank you so much.

     

    Just a note encase anyone looks at my config I posted, I had to change the order of the security policies to prevent the SRX from trying to pipe everything into the vpn tunnel. My policy for Internet_to_Internal had to be above my policy_in_wizard_dyn_vpn.