I am facing an issue while configuring an IPSec session with IPv6 addresses.
I am facing an issue while testing IPSec with protocol as ICmp6 , and this issue is not observed when I tested with other protocols, say UDP.
I am thinking that IKE is triggering on receive of neighbour solicit messages . Could any one of you help me to solve this issue and is there any additional thing to do to avoid triggering IKE for neighbour solicit messages.
I am getting the below logs:
IPsec-SA request for 2026::4000:2 queued due to no phase1 found.
NOTIFY: the packet is retransmitted by 2026::4000:2 (1).
respond new phase 1 negotiation: 2026::4000:1<=>2026::4000:2
And also I am seeing the junk SA with spi(0x000) when i execute setkey -D even ISAKMP and IPSec not established.