I have a couple of SRX3600 in a cluster configuration, I configured ipsec VPN and I am getting the follwoing error in the kmd logs:
Aug 26 21:39:30 (FPC Slot 11, PIC Slot 0) SPC11_PIC0 kmd: IKE negotiation failed with error: Out of memory. IKE Version: 2, VPN
There is plenty of memory left on the SRX and there is very little configured on it.
Software Rel 12.1X44-D40.2
Any help is appreciated.
Is it specific to one VPN or all VPNs are affected?
What are Phase 1 & Phase 2 lifetimes?
Hello ranwah ,
This issue is reported on 12.1X44 version related to IKE memory leak issue and we do have PR open for the same .
The Fix is in place from 12.1X46 version onwards . If you need more details on this please open a JTAC ticket for RCA .
Please let us know if you have any more concerns .