Support Center > Search Results > SecureKnowledge Details
IKEv2 negotiation fails between an Quantum Spark Appliance and an Azure / AWS peer Technical Level
  • The "VPN" log on the Quantum Spark Appliance shows one of these messages in the "Description" section:

    • IKE failure: Informational exchange: Sending notification to peer: Invalid IKE SPI


    • Received CCSA request with an IKE SA that is not authenticated
      Could not allocate inbound Create Child SA exchange


Due to IKEv2 limitations, the support for Azure/AWS is limited for:

  • Certificate authentication

  • Renegotiation

No fix is required; the system is functioning as designed.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document