1
00:00:00,360 --> 00:00:02,770
Hello and welcome to this lecture.

2
00:00:02,770 --> 00:00:08,760
So let's now continue with the second troubleshooting scenario and specifically in this case I will

3
00:00:08,760 --> 00:00:13,370
break the ice the camp say and let us go now.

4
00:00:13,370 --> 00:00:22,180
So first before breaking it you can see that both of them are working so yep this is from the VPC is

5
00:00:22,210 --> 00:00:32,100
one so pinging the VPC is in the assay branch and the second one it's pinging from the branch for the

6
00:00:32,100 --> 00:00:34,340
gate going to the headquarter for the gate.

7
00:00:34,920 --> 00:00:37,310
So we see that both are working now.

8
00:00:37,320 --> 00:00:38,310
Let's go.

9
00:00:38,400 --> 00:00:40,930
And again let's say.

10
00:00:41,100 --> 00:00:44,380
Mean and I will break.

11
00:00:44,390 --> 00:00:45,450
Now what.

12
00:00:46,110 --> 00:00:49,380
Let's choose somehow together so.

13
00:00:49,440 --> 00:00:54,450
Edit and authentication we have tested it.

14
00:00:54,450 --> 00:01:02,030
So the Phase 1 proposal I would click edit and let's say we have authentication empty five.

15
00:01:02,650 --> 00:01:02,900
So.

16
00:01:02,930 --> 00:01:04,520
OK.

17
00:01:04,950 --> 00:01:06,770
And let's see

18
00:01:10,080 --> 00:01:19,020
now I say bring down yes and I'll try to bring it up but it's not working because authentication is

19
00:01:19,050 --> 00:01:19,940
not the same.

20
00:01:19,950 --> 00:01:20,190
Good.

21
00:01:21,090 --> 00:01:24,090
So now let's concentrate on the bugs.

22
00:01:24,090 --> 00:01:26,070
So I will take again the bugs.

23
00:01:26,090 --> 00:01:35,730
So again start the debug for application Ike and enable it enable and debug and restart the whole process

24
00:01:35,760 --> 00:01:38,050
so that we can see the negotiation.

25
00:01:38,460 --> 00:01:45,810
We will see to things like in the previous lecture one is going to be successful for the branch for

26
00:01:45,810 --> 00:01:48,550
the gate and for the SSA.

27
00:01:48,600 --> 00:01:49,830
It will not work.

28
00:01:49,830 --> 00:01:51,600
It will be broken.

29
00:01:51,600 --> 00:01:52,680
So here it is

30
00:01:58,300 --> 00:01:59,040
perfect.

31
00:01:59,040 --> 00:02:00,970
Now let's stop it

32
00:02:05,620 --> 00:02:14,250
and yep now Let's navigate the beginning and here it is.

33
00:02:14,690 --> 00:02:16,180
Yes.

34
00:02:16,520 --> 00:02:24,190
So let's see for branch 1 and branch 2 range 1.

35
00:02:24,450 --> 00:02:25,050
This worm

36
00:02:27,810 --> 00:02:31,730
for branch one initiate their main mode get first response.

37
00:02:31,730 --> 00:02:36,240
I'm seeing here negotiation result for the proposal lifetime.

38
00:02:36,350 --> 00:02:38,040
I should see now.

39
00:02:38,390 --> 00:02:40,850
The authentication is successful.

40
00:02:41,340 --> 00:02:49,550
Well let's see where is that perfect for branch 1 peer identifier is this authentication is okay established

41
00:02:49,580 --> 00:02:50,100
I guess.

42
00:02:50,210 --> 00:02:51,440
Perfect.

43
00:02:51,440 --> 00:02:56,710
Now we move on to branch 2 so branch 2.

44
00:02:56,770 --> 00:02:58,530
Let's see the message.

45
00:02:59,730 --> 00:03:01,950
So here it is.

46
00:03:01,950 --> 00:03:11,640
Branch 2 sent an Ike message from our self to the to the essay and here is ignoring unsupported informational

47
00:03:11,640 --> 00:03:12,240
message.

48
00:03:12,270 --> 00:03:14,040
Pretty self-explanatory huh.

49
00:03:14,040 --> 00:03:14,780
No it's not.

50
00:03:15,360 --> 00:03:23,250
So if it didn't or haven't seen this message uh I don't know before I'm pretty much sure that you wouldn't

51
00:03:23,250 --> 00:03:26,130
guess exactly what this message is about.

52
00:03:26,130 --> 00:03:32,250
So ignoring unsupported informational message that's not so self explanatory right.

53
00:03:33,060 --> 00:03:36,420
So let's just start again.

54
00:03:36,450 --> 00:03:38,680
I want to see some more logs like this.

55
00:03:40,230 --> 00:03:43,970
I stopped in very very very very fast.

56
00:03:44,610 --> 00:03:53,130
So here is ignoring ignoring unsupported informational message again for branch to branch 2 again here.

57
00:03:54,380 --> 00:03:56,600
And guess what.

58
00:03:56,600 --> 00:03:58,290
This message will not change.

59
00:03:58,330 --> 00:04:05,480
Just repeat ignoring for branch 2 Ignoring unsupported informational message ignoring unsupported informational

60
00:04:05,480 --> 00:04:08,360
message and again send a message.

61
00:04:08,360 --> 00:04:12,200
Re transmit for Phase 1 p. 1 means Phase 1.

62
00:04:12,320 --> 00:04:19,010
This is us and the NSA again ignoring unsupported information on message.

63
00:04:19,010 --> 00:04:21,790
So yeah I know it's not that obvious.

64
00:04:21,950 --> 00:04:23,710
So that's why I'm.

65
00:04:24,320 --> 00:04:25,640
I'm also recording this.

66
00:04:25,640 --> 00:04:31,670
This troubleshooting scenarios so that you will be well prepared when you encounter such a problem.

67
00:04:31,850 --> 00:04:36,220
So you will see that the last troubleshooting scenario regarding Phase 2.

68
00:04:36,220 --> 00:04:40,100
So the IP said negotiation he it's more human.

69
00:04:40,100 --> 00:04:48,170
It's kind of readable but the first two are and are not so I believe that you agree with me so I will

70
00:04:48,170 --> 00:04:53,060
take this message and paste it here as well.

71
00:04:55,320 --> 00:04:56,570
And here are the two.

72
00:04:56,730 --> 00:05:03,100
So for the pressure key mismatch ignoring unencrypted payload malformed from this IP address from the

73
00:05:03,100 --> 00:05:07,590
NSA and for essay proposal proposals that do not match.

74
00:05:07,590 --> 00:05:09,880
Ignoring unsupported information on message.

75
00:05:10,130 --> 00:05:10,990
Wow.

76
00:05:11,190 --> 00:05:20,310
Anyway so now let's let's have it working before moving to the next lecture so let's go through the

77
00:05:20,310 --> 00:05:22,640
VPN and IP SEC tunnels.

78
00:05:24,130 --> 00:05:24,530
So.

79
00:05:24,550 --> 00:05:26,550
Edit The branch too.

80
00:05:26,980 --> 00:05:33,130
We will go to the Phase 1 proposal and get back to show 1.

81
00:05:33,130 --> 00:05:35,670
Just accept the configuration and heat.

82
00:05:35,730 --> 00:05:36,830
Okay.

83
00:05:36,880 --> 00:05:42,780
Wish should see again that the communication between the LAN user in the headquarter.

84
00:05:43,060 --> 00:05:43,780
It's fine.

85
00:05:43,780 --> 00:05:50,140
It's working with the land user in the in the NSA branch and here it is.

86
00:05:50,170 --> 00:05:51,980
So the ping is successful.

87
00:05:52,040 --> 00:05:53,200
We're happy happy.

88
00:05:53,200 --> 00:05:54,490
Problem solved.

89
00:05:54,490 --> 00:05:56,490
So see you in the next lecture.

90
00:05:56,500 --> 00:05:57,130
Thanks a lot.