General discussion

Event Log Message

By rkuhn ·
I have the following message in my event log that I can't seem to figure out. This occurred after turning on IPSec.

I realize what it means, but I can't seem to resolve the situation. I only get this message concerning 1 PC on the network, the rest are fine:

IKE security association establishment failed because peer
sent invalid proposal.

Mode:
Key Exchange Mode (Main Mode)

Filter:
Source IP Address 192.168.0.20
Source IP Address Mask 255.255.255.255
Destination IP Address 192.168.0.10
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.0.20
IKE Peer Addr 192.168.0.10
IKE Source Port 500
IKE Destination Port 500
Peer Private Addr

Attribute:
Authentication Method

Expected value:
RSA Signature with Certificates

Received value:
Kerberos (GSSAPI)

All Comments

by rkuhn In reply to Event Log Message

BTW,

1) My Source and Destination IP Address Masks are Class C as in 255.255.255.0 and not as the event log says.

2) I have tried to remove the offending PC from the domain and add it back...no luck.

3) There is a personal firewall installed on the PC in question but the problem occurs with and without the firewall on.

by -Q-240248 In reply to Event Log Message

Even with the firewall turned off, you could have problems. It could be a key exchange protocol mismatch. Your subnet mask and the one in the event log are not related; it's giving you a mask to indicate the specific machine.

Reconfigure the peer IPSEC values.
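
As an added example (not part of the original thread or any poster's reply), this Python sketch parses the event text from the first post, abridged, and reports the two points made in the reply above: the 255.255.255.255 masks describe a host-to-host filter, and the failure is an authentication-method mismatch between the two peers. The function names are hypothetical.

```python
import ipaddress
import re

# Sample input: event text from the first post, abridged (protocol/port lines dropped).
EVENT = """\
IKE security association establishment failed because peer sent invalid proposal.
Filter:
Source IP Address 192.168.0.20
Source IP Address Mask 255.255.255.255
Destination IP Address 192.168.0.10
Destination IP Address Mask 255.255.255.255
IKE Local Addr 192.168.0.20
IKE Peer Addr 192.168.0.10
Peer Private Addr
Attribute:
Authentication Method
Expected value:
RSA Signature with Certificates
Received value:
Kerberos (GSSAPI)
"""

def parse_sections(text):
    # Group each line under the "Label:" heading that precedes it.
    sections, current = {}, "Summary"
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.endswith(":"):
            current = line[:-1]
        else:
            sections.setdefault(current, []).append(line)
    return sections

def diagnose(text):
    s = parse_sections(text)
    f = {}
    for line in s["Filter"]:  # "Name words <value>"; the value may be absent
        m = re.match(r"^(.*?)\s+([\d.]+)$", line)
        f[m.group(1) if m else line] = m.group(2) if m else ""
    nets = [ipaddress.ip_network(f"{f[k]}/{f[k + ' Mask']}")
            for k in ("Source IP Address", "Destination IP Address")]
    expected, received = s["Expected value"][0], s["Received value"][0]
    return {
        "attribute": s["Attribute"][0],
        "expected": expected,   # what the logging host's policy offers
        "received": received,   # what the peer proposed
        "mismatch": expected != received,
        "host_filter": all(n.prefixlen == 32 for n in nets),  # /32 = single hosts
        "peer": f["IKE Peer Addr"],
    }
```

Calling `diagnose(EVENT)` returns a dictionary naming the peer and the attribute on which the two IPSec policies disagree.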

by rkuhn In reply to

Please elaborate.

I tried using dcgpofix on the domain controller to reset the entire gp policy for the domain back to its defaults (since IPSec was the only change) and I'm still getting the error message.

by HAL 9000 Moderator In reply to Event Log Message

Rick,

The solution to reconfiguring the IPSec is here. Have to rush before the site goes down for the upgrade, or I would give you a better answer.

Col
