My Oracle Support Banner

OCI Site-to-Site VPN – How To Interpret Error Logs and Fix Tunnel Issues (Doc ID 2938612.1)

Last updated on APRIL 02, 2024

Applies to:

Oracle Cloud Infrastructure Site-to-Site VPN - Version N/A to N/A
Information in this document applies to any platform.

Goal

How to interpret your Site-to-Site VPN log messages when there are issues, and measures that can be taken to address tunnel issues.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution
 Ignoring informational payload NO_PROPOSAL_CHOSEN
 Oakley Transform refused
 Probable authentication failure (mismatch of preshared secrets?)
 We require PFS but Quick I1 SA specifies no GROUP_DESCRIPTION
 TS_UNACCEPTABLE
 INVALID_KE_PAYLOAD
 STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
 Received and ignored notification payload: NO_PROPOSAL_CHOSEN
 No acceptable Oakley Transform | sending notification NO_PROPOSAL_CHOSEN
 Malformed payload in packet
 Check if On-Premise is Policy-Based Configured While OCI is Route-Based Configured
 INVALID_COOKIE
 TSi contains NUMBER_GREATER_THAN_50 entries which exceeds hardwired max of 50
 We require IKEv1 peer to have ID... | INVALID_ID_INFORMATION
 DPD action - clearing connection kind CK_PERMANENT
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.