N3T_IPSec_QUICKMODE_Replayed

QUICKMODE messages used to negotiate dynamic IP tunnels have been replayed by the remote security endpoint.

This situation indicates a networking problem or a configuration mismatch problem. Evaluate the UNIX(R) syslog and identify the reason for the Internet Key Exchange (IKE) daemon dropping messages.

This warning situation uses the CHANGE function and the Total Replayed QUICKMODE Messages attribute to determine if the total number of replayed QUICKMODE messages was more than five for three consecutive evaluations for the situation. During dynamic tunnel negotiation the IKE daemon replays 10 messages before declaring a failed activation attempt. QUICKMODE messages will be replayed periodically for an activation attempt. The five replayed messages may or may not be for the same activation attempt. An attribute is not highlighted when the CHANGE function is used, and the Current Situation Value Table may not display data.

Formula: CHANGE(Total Replayed QUICKMODE Messages) > 5

By default, this situation is evaluated every 15 minutes and is not run at startup.