SRX Services Gateway
Highlighted
SRX Services Gateway

Random NULL User/Group (Dynamic VPN)

‎11-12-2019 08:08 PM

Evening,

 

I've been up and running with Dynamic VPN for a couple of months now and I am still ironing out some of the issues my users are seeing. I was finally able to obtain dignostics this evening and wanted to see if anyone had any input on a particular nasty issue I am having.

 

The issue is totally random and the only solution I have come up with so far is for the user to disconnect and reconnect until the VPN "works."

 

What I discovered this evening when a user reported the issue was a weird output from show security dynamic-vpn users. The user connected has this output:

 

User: NULL , User group: NULL , Number of connections: 0
Remote IP: xxx.xxx.xxx.xxx
IKE ID : NULL
IKE Lifetime: 0
IPSEC Lifetime: 0
Status: CONNECTED

 

I'm connected at the same time and I have the proper data and then some for my user. If the user disconnects and reconnects it will often correct itself, but sometimes it takes 3-4 attempts to connect properly. A quick google search returned one post where someone mentioned this was a bug in some releases, but that was almost 5 years ago.

 

I am currently on release 15.1X49-D170.4 on a SRX340.

 

Is there some configuration that can be put in place to prevent this from occuring?

 

I appreciate the help,

Michael