Support Center > Search Results > SecureKnowledge Details
3rd party VPN peer rejects IDs proposed in IKE phase 2 and tunnel not established (unless initiated from peer side)
Symptoms
  • 3rd party VPN peer rejects the IDs proposed in IKE phase 2 and the tunnel is not established (unless initiated from peer side).
  • Supernetting is disabled (ike_enable_supernet = false), but the Security Gateway proposes subnets that are not always based on the network objects in the encryption domain
Cause

Encryption domain overlaps are not supported and undefined behavior may occur if they are configured.


Solution
Note: To view this solution you need to Sign In .