IPSec unknown error

AP.Remote.Access.Monitor.DA_IPSEC_HEURISTIC_UNKNOWN (UnitMonitor)

Unknown error with IPSec

Knowledge Base article:

Summary

Unknown IPsec Error.

Possible Causes

01. The certificate has not been installed or is not valid.

02. One or more protocols (UDP 3544, TCP 443, Protocol 41, Ping Echo and Ping Echo Reply) are blocked on the external adapter.

03. One or more protocols (Protocol 41, TCP, UDP, ICMPv6, all IPv6 connectivity, UDP 500 IKE/AuthIP) are blocked on the internal adapter.

Resolutions

01. Please ensure that a valid certificate is present in the machine store and that the DA server is configured to use the corresponding root certificate. The valid certificate must satisfy the following:

a. Should not be expired.

b. Should have a private key.

c. Should be configured to be used for Client authentication.

d. Should chain to the configured root/intermediate cert.

02. Ensure that UDP 3544, TCP 443, Protocol 41, Ping Echo (used for Teredo), and Ping Echo Reply are not blocked on the external adapter.

03. On the internal adapter, verify that Protocol 41, TCP, UDP, ICMPv6, and UDP 500 IKE/AuthIP protocols are not blocked.
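
The four certificate criteria in resolution 01 (a to d) can be checked against the machine store with a script like the one below. This is an added example, not part of the management pack; the $RootThumbprint parameter and its placeholder value are assumptions and must be replaced with the thumbprint of the root/intermediate certificate configured on the DA server. Revocation is not checked, since it is not among the listed criteria.

```powershell
# Added example (not from the management pack). Run in an elevated session.
# $RootThumbprint is a placeholder: supply the thumbprint of the root/intermediate
# certificate that DirectAccess is configured to trust for IPsec authentication.
param(
    [string]$RootThumbprint = '<ROOT-OR-INTERMEDIATE-CA-THUMBPRINT>'
)

$clientAuthOid = '1.3.6.1.5.5.7.3.2'               # Client Authentication EKU
$rootThumb     = $RootThumbprint -replace '\s', '' # tolerate pasted spaces
$now           = Get-Date

$results = foreach ($cert in Get-ChildItem -Path Cert:\LocalMachine\My) {
    # (a) inside its validity window
    $notExpired = ($cert.NotBefore -le $now) -and ($cert.NotAfter -gt $now)

    # (b) private key present in the machine store
    $hasKey = $cert.HasPrivateKey

    # (c) Client Authentication listed explicitly in the EKU extension
    #     (strict: a certificate with no EKU extension is reported as False)
    $ekuExt = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    }
    $ekuOids    = @($ekuExt | ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value })
    $clientAuth = $ekuOids -contains $clientAuthOid

    # (d) chain builds and contains the configured root/intermediate certificate
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # assumption: revocation not evaluated
    $built      = $chain.Build($cert)
    $chainThumb = @($chain.ChainElements | ForEach-Object { $_.Certificate.Thumbprint })
    $chainsOk   = $built -and ($chainThumb -contains $rootThumb)

    [pscustomobject]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotExpired    = $notExpired
        HasPrivateKey = $hasKey
        ClientAuthEku = $clientAuth
        ChainsToRoot  = $chainsOk
        Usable        = $notExpired -and $hasKey -and $clientAuth -and $chainsOk
    }
}

$results | Format-Table -AutoSize
if (-not ($results | Where-Object { $_.Usable })) {
    Write-Warning 'No certificate in Cert:\LocalMachine\My satisfies all four criteria.'
}
```

A row with Usable = False shows which of the four criteria the certificate fails.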

Element properties:

Target: AP.Remote.Access.Class.IPSec
Parent Monitor: System.Health.AvailabilityState
Category: Custom
Enabled: True
Alert Generate: True
Alert Severity: Error
Alert Priority: Normal
Alert Auto Resolve: True
Monitor Type: AP.Remote.Access.Monitor.HeuristicMonitorType
Remotable: True
Accessibility: Public
Alert Message:
IPsec unknown error

Error Description - {0}
Error Cause - {1}
Error Resolution - {2}
RunAs: Default

Source Code:

<UnitMonitor ID="AP.Remote.Access.Monitor.DA_IPSEC_HEURISTIC_UNKNOWN" Accessibility="Public" Enabled="true" Target="AP.Remote.Access.Class.IPSec" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="AP.Remote.Access.Monitor.HeuristicMonitorType" ConfirmDelivery="true">
  <Category>Custom</Category>
  <AlertSettings AlertMessage="AP.Remote.Access.Monitor.DA_IPSEC_HEURISTIC_UNKNOWN_AlertMessageResourceID">
    <AlertOnState>Warning</AlertOnState>
    <AutoResolve>true</AutoResolve>
    <AlertPriority>Normal</AlertPriority>
    <AlertSeverity>Error</AlertSeverity>
    <AlertParameters>
      <AlertParameter1>$Data/Context/DataItem/Property[@Name='ErrorDesc']$</AlertParameter1>
      <AlertParameter2>$Data/Context/DataItem/Property[@Name='ErrorCause']$</AlertParameter2>
      <AlertParameter3>$Data/Context/DataItem/Property[@Name='ErrorResolution']$</AlertParameter3>
    </AlertParameters>
  </AlertSettings>
  <OperationalStates>
    <OperationalState ID="DA_IPSEC_HEURISTIC_UNKNOWN_Error" MonitorTypeStateID="Error" HealthState="Error"/>
    <OperationalState ID="DA_IPSEC_HEURISTIC_UNKNOWN_Warning" MonitorTypeStateID="Warning" HealthState="Warning"/>
    <OperationalState ID="DA_IPSEC_HEURISTIC_UNKNOWN_Success" MonitorTypeStateID="Healthy" HealthState="Success"/>
  </OperationalStates>
  <Configuration>
    <Interval>300</Interval>
    <SyncTime/>
    <ComponentName>IPsec</ComponentName>
    <HeuristicId>2148073472</HeuristicId>
    <Debug>false</Debug>
  </Configuration>
</UnitMonitor>