Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
EZD1101I z/OS Communications Server: IP Messages Volume 2 (EZB, EZD) SC27-3655-01 |
|
EZD1101I NAT detected and no valid IpDataOffers found ExplanationThis message is issued when no valid IpDataOffers are found during a negotiation traversing a NAT. When a NAT is being traversed, all IpDataOffers utilizing the AH protocol are ignored. To negotiate a security association (SA) in a NAT traversal environment, at least one Data Offer that does not contain authentication with AH must be configured. System actionThe SA negotiation fails; IKE daemon processing continues. Operator responseContact the system programmer. System programmer responseEnsure that at least one data offer does not contain authentication with AH. When configured without the IBM® Configuration Assistant for z/OS® Communications Server, ensure that at least one IpDataOffer has ESP or DoNot configured on the HowToAuth parameter in the configuration policy. See the information about the Policy Agent and policy applications in z/OS Communications Server: IP Configuration Reference for more information about configuring policy. When configured with the IBM Configuration Assistant for z/OS Communications Server, ensure that the security level in the GUI contains at least one Data Offer that either does not use Authentication or uses Authentication with the ESP authentication protocol. See the online helps in the GUI for additional information. Modulepolicy.cpp Procedure nameNone. |
Copyright IBM Corporation 1990, 2014
|