ASA 5520 VPN to Nortel Contivity?

Unanswered Question
Feb 2nd, 2007

I'm trying to establish a site to site ipsec tunnel between an ASA 5520 and a Nortel Contivity box. Despite trying a number of different transform sets and IKE setups it keeps failing at phase 1 with:

Information Exchange processing failed

Received an un-encrypted INVALID_ID_INFO notify message dropping

Does anyone have any tips for this scenario please?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ggilbert Fri, 02/02/2007 - 08:34


Can you make sure the command "isakmp identity address" is inserted on the ASA.

If that still doesn't work, some type of debugs on the ASA would help us out.

debug cry isa 190

deb cry ipsec 190



jason.scott Mon, 02/12/2007 - 06:58

Thank you both, got it working now. I'm not quite sure what eventually 'fixed' it but trial and error got it working.

church27104 Tue, 11/01/2011 - 06:05

I am having a similar problem creating a ipsec tunnel from an asa5520 to a nortel contivity 1100. I get past phase 1 and phase 2 and the tunnel is up but the tunnel will still not pass traffic. Cisco TAC says that the asa is configured correctly but I'm not sure about the nortel....I don't have support for it. Any help/advise would be greatly appericiated.


This Discussion