https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175327#M31971 <P>thank you, it was the encryption domain mismatch</P> Sun, 19 Mar 2023 13:42:45 GMT gm446 2023-03-19T13:42:45Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175319#M31969 <P>Hello Everyone,</P><P>i am trying to establish a VPN tunnel to new AWS VPC. all the configurations on the aws side is on default and the configurations i made in the gateway are exactly like the requirements in the aws document but still the tunnel is not up.</P><P>i get this error on the logs: Key Install Quick Mode Sent Notification: invalid id information</P><P>on debug file:</P><P>** QuickMode ==&gt; Thu Mar 16 2023 12:52:09 cookie cbf83400fb582586 (0.0.0.0 0.0.0.0) - (0.0.0.0 0.0.0.0) ---- Failed after QM packet 2 ----</P><P>==&gt; QM packet 1 (12:52:09) - (0.0.0.0 0.0.0.0) - (0.0.0.0 0.0.0.0)<BR />Header<BR />RespCookie: a1 3d 9f d7 c6 28 6c 21<BR />MsgID: d5 2b 06 42<BR />SAPayload<BR />prop1 PROTO_IPSEC_ESP (8a 5a 8e 7e )<BR />Transform Payload - ESP_AES<BR />Group Description: Alternate 1024-bit MODP group<BR />SA Life Type: Seconds<BR />SA Life Duration: 3600<BR />Authentication Alg: HMAC-SHA1<BR />Encapsulation Mode: Tunnel<BR />Key Length: 128<BR />ID Payload<BR />ID type: ID_IPV4_ADDR_SUBNET<BR />ID Data: 00 00 00 00 00 00 00 00 (0.0.0.0 0.0.0.0)<BR />ID Payload<BR />ID type: ID_IPV4_ADDR_SUBNET<BR />ID Data: 00 00 00 00 00 00 00 00 (0.0.0.0 0.0.0.0)</P><P>&lt;== QM packet 2 (12:52:09) - (10.10.0.0 255.255.255.0)<BR />Header<BR />RespCookie: a1 3d 9f d7 c6 28 6c 21<BR />MsgID: d5 2b 06 42<BR />SAPayload<BR />prop1 PROTO_IPSEC_ESP (c3 9d 78 4d )<BR />Transform Payload - ESP_AES<BR />Key Length: 128<BR />Authentication Alg: HMAC-SHA1<BR />Group Description: Alternate 1024-bit MODP group<BR />Encapsulation Mode: Tunnel<BR />SA Life Type: Seconds<BR />SA Life Duration: 3600<BR />ID Payload<BR />ID type: ID_IPV4_ADDR_SUBNET<BR />ID Data: 0a 0a 00 00 ff ff ff 00 (10.10.0.0 255.255.255.0)</P><P>i will love to get any help on this.</P><P>Best Regards,<BR />Yossi.</P> Sun, 19 Mar 2023 08:12:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175319#M31969 gm446 2023-03-19T08:12:22Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175321#M31970 <P><A href="https://support.checkpoint.com/results/sk/sk108600" target="_blank" rel="noopener"><SPAN>sk108600: VPN Site-to-Site with 3rd party</SPAN></A></P> <P><A href="https://community.checkpoint.com/t5/General-Topics/Quick-mode-Received-Notification-from-Peer-invalid-id/m-p/167724#M27881" target="_blank" rel="noopener"><SPAN><STRONG>Quick</STRONG> <STRONG>mode</STRONG> Received <STRONG>Notification</STRONG> from Peer: <STRONG>invalid</STRONG> <STRONG>id</STRONG> <STRONG>information</STRONG></SPAN></A></P> <P><A href="https://community.checkpoint.com/t5/Security-Gateways/Site-to-Site-VPN-between-Checkpoint-and-Palo-Alto-Firewalls/td-p/15935" target="_self">Site-to-Site-VPN-between-Checkpoint-and</A></P> Sun, 19 Mar 2023 09:34:57 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175321#M31970 G_W_Albrecht 2023-03-19T09:34:57Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175327#M31971 <P>thank you, it was the encryption domain mismatch</P> Sun, 19 Mar 2023 13:42:45 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175327#M31971 gm446 2023-03-19T13:42:45Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175330#M31972 <P>Yea, more often that not, since its quick mode, that would always refer to phase 2, specifically enc domain mismatch, so good job! <span class="lia-unicode-emoji" title=":thumbs_up:">👍</span></P> Sun, 19 Mar 2023 14:13:45 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IPSec-VPN-invalid-id-error/m-p/175330#M31972 the_rock 2023-03-19T14:13:45Z