Symptom
C8000V can unexpectedly reboot during IKE2 negotiation after receiving IKEv2 IKE_AUTH Access-Reject.
Jan 17 2024 10:49:04.925 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Verification of peer's authentication data FAILED
Jan 17 2024 10:49:04.925 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Sending authentication failure notify
Jan 17 2024 10:49:04.925 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Building packet for encryption.
Payload contents:
NOTIFY(AUTHENTICATION_FAILED)
Jan 17 2024 10:49:04.925 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Sending Packet [To 31.39.174.242:49453/From 46.193.248.9:4500/VRF i0:f0]
Initiator SPI : 9D15ACB2E600CE25 - Responder SPI : 0763A234FBD1DE29 Message id: 1
IKEv2 IKE_AUTH Exchange RESPONSE
Payload contents:
ENCR
Jan 17 2024 10:49:04.926 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Auth exchange failed
Jan 17 2024 10:49:04.926 CET: IKEv2-ERROR:(SESSION ID = 141,SA ID = 1):: Auth exchange failed
Jan 17 2024 10:49:04.926 CET: IKEv2:(SESSION ID = 141,SA ID = 1):Abort exchange
Conditions
C8000v running IKEv2 with AAA authorization
Workaround
There is not known any workaround for this issue.
