Hello everyone
I recently setup a new IKEV2 server on Ubuntu and try to connect to it with RB4011 v6.49 but I got this error payload missing: SA.
I connect to that server from my cellphone which is connected to that RB4011 so the internet connection and server are working (I guess).
My question is in what cases and scenarios we get this error? If I know why I’m getting this error it will be a lot easier to troubleshot.
Any help will be highly appreciated
What does this error means?
would you send a full log? for the connection looks like the wrong ph1 or ph2 config.
What do you mean by full log? there is only this error in the logs.
See this: http://forum.mikrotik.com/t/l2tp-tunnel-usually-fails-to-set-up-suggestions/154699/4
In your case, the l2tp part is irrelevant of course.
The problem was with ph1 or ph2 configurations on the server as @own3r1138 said, after changing the IKE and ESP suits on the /etc/ipsec.conf the problem solved.
Thanks @own3r1138 and Thanks @sindy for the tip.
@jaxed8
yvw
@jaxed8
I’m having the same problem. You can share point example edit?
Got the same. I have VPN set up on my hap ac2 and certificates expiry was set to 1yr, I was renewing them some time ago and problem probably occurred somewhere around that but I am not sure. What should I check?
I would like to add something here for anyone having the same issue.
Our IPSec tunel between two sites was working fine for 200 days. Then it suddenly dropped and couldn’t reestablish. Ipsec log showed that Site B was getting payload missing: SA error.
The solution was to add Firewall filter rule on input chain to accept udp port 4500.