EZD0965I   Validity check or authentication failure occurred using a shared key

Explanation

A validity check failure or authentication failure occurred on a message for a phase 1 Security Association configured for shared key authentication. This indicates a likely mismatch between the locally configured shared key value and the shared key value configured on the remote security endpoint.

Additional diagnostic messages that have the same message instance number will be issued to identify the impacted Security Association (SA) including the applicable KeyExchangeRule statement. The message instance number precedes the message number in the log output and is used to group related messages from the IKE daemon.

System action

The SA negotiation failed; IKE daemon processing continues.

Operator response

Confirm that the configured shared Key value matches the value configured on the remote security endpoint.

When configured without the IBM® Configuration Assistant for z/OS® Communications Server, confirm that the SharedKey value on the applicable KeyExchangeRule statement matches the key value that is configured on the remote security endpoint. See the information about the Policy Agent and policy applications in z/OS Communications Server: IP Configuration Reference for more information about the KeyExchangeRule statement and the SharedKey parameter.

When configured with the IBM Configuration Assistant for z/OS Communications Server, confirm that the Shared Key value on the applicable Connectivity Rule matches the key value that is configured on the remote security endpoint. See the online helps in the GUI for additional information.

System programmer response

None.

Module

oakley_kep.cpp

Procedure name

None.