Ipsec Tunnel between two routers

Unanswered Question
Dec 13th, 2008

I have two routers Cisco 837 and 2651xm. Running a debug ipsec on both routers the 837 gives what looks like thing are good. On the 2651 I get --CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 63.25X.18X.2XX failed its sanity check or is malformed - I'm not sure what this is since the tunnels show to be up on both routers.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Sat, 12/13/2008 - 17:33

Can you post the output of show crypto isakmp sa from either router this will show if indeed SA has succesfully been built or autenticated bewteen the two peers. Successful authentication will show QM_IDLE for tunnel state.


double check "crypto isakmp keys" to be exact at both ends.

CRYPTO-4-IKMP_BAD_MESSAG is a Key Mismatch error message.





This Discussion