VPN tunnel of LSM gateway can not be established when CO gateway is managed by Security Management of higher version

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk106628
Technical Level
Product	IPSec VPN, SmartProvisioning
Version	R77.30, R80, R80.20, R80.30
Platform / Model	All
Date Created	28-Jun-2015
Last Modified	04-Feb-2020

Symptoms

VPN tunnel of LSM gateway can not be established when CO gateway is managed by Security Management of higher version
SmartView Tracker logs and Logs on satellite Edge devices show:
- invalid id information
- No response from peer
When "Update Corporate Office Gateway" action is performed in SmartProvisioning GUI, the issue is resolved.
SmartView Monitor does not show VPN tunnels from Edge devices.
Issue may start after a ISP disconnection or change.
vpnd.elg show the following:
[ 13110][18 Mar 13:45:25][] ndb_open: database 'magic number' corrupted(/opt/CPsuite-R77/fw1/state/local/FW1/robo-IKE.NDB)
[ 13110][18 Mar 13:45:25][] GetRoboRecord : Failed to open IKE DB -- Maybe not CO Gateway
[ 13110][18 Mar 13:45:25][] GetRoboObject : Failed to get ROBO object from database.

Cause

$FWDIR/conf/robo-IKE.NDB file is not copied from the Security Management Server to the central office gateway when policy is installed via SmartDashboard\SmartConsole.

Solution

Note: To view this solution you need to Sign In .