batfish Can't find keyring for isakmp profile

Can't find keyring for isakmp profile

Open adosztal opened this issue 2 years ago • 0 comments

Hello,

Batfish container: batfish/allinone:test-1226 pybatfish version: 2022.2.18.1216 OS: Cisco IOS-XE

I get a red flag when importing a policy-based VPN configuration:

{
	"tag": "MISCELLANEOUS",
	"text": "Cannot find keyring Keyring-Sales for ISAKMP profile IKE-Sales"
},

Config:

!
crypto keyring Keyring-Sales vrf Internet
  pre-shared-key address <peer_IP1> key xxx
  pre-shared-key address <peer_IP2> key xxx
  pre-shared-key address <peer_IP3> key xxx
  pre-shared-key address <peer_IP4> key xxx
!
crypto isakmp profile IKE-Sales
   vrf Sales
   keyring Keyring-Sales
   match identity address <peer_IP1> Internet
   match identity address <peer_IP2> Internet
   match identity address <peer_IP3> Internet
   match identity address <peer_IP4> Internet
!
crypto map Sales-VPN 10 ipsec-isakmp !Similar config for the 3 other peers
 set peer <peer_IP1>
 set security-association lifetime seconds 28800
 set transform-set <transform_set>
 set isakmp-profile IKE-Sales
 match address ACL-Sales
!

Mar 02 '22 14:03 adosztal

batfish batfish copied to clipboard

Can't find keyring for isakmp profile

batfish
batfish copied to clipboard