z/OS Communications Server: IP Messages Volume 2 (EZB, EZD)
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


EZD0991I

z/OS Communications Server: IP Messages Volume 2 (EZB, EZD)
SC27-3655-01

EZD0991I
Transform transform_id : unsupported authentication type ( auth_type ) for phase 1 Security Association

Explanation

An IKE phase 1 Security Association (SA) negotiation failed because the authentication type is not supported.

Additional diagnostic messages that have the same message instance number will be issued to identify the impacted SA. The message instance number precedes the message number in the log output and is used to group related messages from the IKE daemon.

transform_id is the value used to identify this transform in an IKE proposal. Supported transforms for IKE SAs are described in Policy Agent and policy applications in z/OS Communications Server: IP Configuration Reference. Phase 1 transforms are specified on a KeyExchangeOffer statement, and phase 2 transforms are specified on an IpDataOffer statement.

auth_type is the number of the unsupported authentication type. The valid authentication types are PreshareKey and RsaSignature, which are specified on the HowToAuthPeers parameter of an KeyExchangeOffer statement.

System action

The SA negotiation failed; IKE daemon processing continues.

Operator response

Contact the system programmer.

System programmer response

Notify the administrator of the remote security endpoint about this error and ask the administrator to ensure that only pre-shared keys or RSA signature is being used for peer authentication.

Module

gen.cpp

Procedure name

None.

Parent topic: EZD0xxxx messages

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014