VPN problems - Invalid ID

Hello everyone

I can't get the VPN up between two gateways. Checking the logs, it says "Notification to Peer: invalid id information". I don't understand what it means by ID. Also, the IKE Responder Cookie and Initiator are different. Could it be because of that?

Does anyone know what "invalid id information" refers to, and what causes it?


First, which version of the GW software and hardware are you using?

IKE VPN ID is a combination of peer IP and its VPN domain. It has to be identical for both parties. If there is a mismatch, you will not be able to open a tunnel.

Most likely a phase 2 mismatch somewhere. I would follow the SK below:

Also, on top of that, make sure the 3 settings below are set to FALSE in GuiDBedit:


I recall that even in really old versions of CP, this was an issue where CP always tried to present a larger subnet than intended, so say if Cisco is expecting, for example, a /28 subnet, CP would have tried to send something bigger, for example, /24.

Anyway, had not seen much of that since R80 came out initially, but I would still verify those values.
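
An added example (not from any poster in this thread, and not Check Point or Cisco code): a small Python check that compares the Phase 2 subnets one gateway proposes with the subnets its peer is configured to expect, which is the kind of mismatch the replies above describe. The function names and sample subnets are constructed for illustration, and it assumes a peer that accepts only an exact match.

```python
import ipaddress


def classify(proposed: str, expected: str) -> str:
    """Compare one proposed subnet with the subnet the peer expects for it."""
    # strict=True rejects values with host bits set (e.g. 10.1.1.5/24),
    # which usually indicates a typo in the encryption domain.
    p = ipaddress.ip_network(proposed, strict=True)
    e = ipaddress.ip_network(expected, strict=True)
    if p == e:
        return "match"
    if p.version != e.version:
        return "disjoint"
    if e.subnet_of(p):
        return "proposed-too-wide"    # e.g. /24 offered where /28 is expected
    if p.subnet_of(e):
        return "proposed-too-narrow"
    return "disjoint"


def check_phase2(proposal, peer_config):
    """Each argument is (local_subnet, remote_subnet) from that gateway's view.

    The peer's view is mirrored: its "remote" is our "local" and vice versa.
    """
    our_local, our_remote = proposal
    peer_local, peer_remote = peer_config
    return {
        "our_local_vs_peer_remote": classify(our_local, peer_remote),
        "our_remote_vs_peer_local": classify(our_remote, peer_local),
    }


def ids_acceptable(result) -> bool:
    """Assumption: the peer rejects anything that is not an exact match."""
    return all(verdict == "match" for verdict in result.values())


if __name__ == "__main__":
    # Constructed sample: we offer a /24 while the peer is configured for a /28.
    ours = ("10.1.1.0/24", "192.168.50.0/24")
    peer = ("192.168.50.0/24", "10.1.1.0/28")
    result = check_phase2(ours, peer)
    for pair, verdict in result.items():
        print(f"{pair}: {verdict}")
    print("tunnel IDs acceptable:", ids_acceptable(result))
```
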

