Refer to the exhibit.
While troubleshooting an IPsec connection between a Cisco WAN edge router and an Amazon Web Services (AWS) endpoint, a network engineer observes that the security association status is active, but no traffic flows between the devices What is the problem?
An identity mismatch occurs when the local and remote identities configured on the IPsec peers do not match. This can prevent the establishment of an IPsec tunnel or cause traffic to be dropped by the IPsec policy. In this case, the network engineer should verify that the local and remote identities configured on the Cisco WAN edge router and the AWS endpoint match the values expected by each peer. The identities can be an IP address, a fully qualified domain name (FQDN), or a distinguished name (DN). The identities are exchanged during the IKE phase 1 negotiation and are used to authenticate the peers. If the identities do not match, the peers will reject the IKE proposal and the IPsec tunnel will not be established or will be torn down.Reference:=
Configure IOS-XE Site-to-Site VPN Connection to Amazon Web Services, Topic: Troubleshooting
Lenna
6 months agoAllene
6 months agoRebecka
6 months agoLenna
6 months agoReynalda
6 months agoAlline
6 months agoTalia
7 months agoReynalda
7 months agoGeorgeanna
8 months agoClaribel
7 months agoDawne
8 months agoEric
8 months agoMyra
8 months agoAnabel
8 months agoDeonna
8 months agoCasie
8 months agoJesusita
8 months agoLasandra
8 months agoShawnta
8 months ago