×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

L2L VPN ASA5510 to Nortel Contivity

Answered Question
Oct 17th, 2006
User Badges:

We are are having some problems getting the tunnel to completely come up. It seems the IKE or Phase 1 completes and then Phase 2 won't complete. I am getting a message about INVALID_ID_INFO and the the process ends and restarts. I have attached the log file. Any help here would be greatly appreciated.


Scott



Attachment: 
Correct Answer by wdrootz about 10 years 10 months ago

The message points to a crypto map problem. Make sure the peer specified on the Cisco points to the tunnel termination point at the Nortel side. Also make sure that the transform set matches along the local and remote proxy identities (ACL).

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
wdrootz Fri, 10/20/2006 - 15:36
User Badges:
  • Bronze, 100 points or more

The message points to a crypto map problem. Make sure the peer specified on the Cisco points to the tunnel termination point at the Nortel side. Also make sure that the transform set matches along the local and remote proxy identities (ACL).

svanguilder Sat, 10/21/2006 - 05:50
User Badges:

I don't manage the Contivity and can only go by what the analyst on the other end is telling me. We have gone over the ipsec config over and over and everything seems to match. We just can't seem to pinpoint where the difference is. We are narrowing traffic down to 4 hosts on our end and 2 hosts on their end.

ajagadee Mon, 10/23/2006 - 20:34
User Badges:
  • Cisco Employee,

Scott,


Can you make sure that you have configured "isakmp identity address" on the ASA.


Let me know if it helps.


Regards,

Arul

ajagadee Tue, 10/24/2006 - 10:23
User Badges:
  • Cisco Employee,

Scott,


Thanks for the update! Glad that everything is working.


If you dont mind, when you get a chance could you update the Forum that the answer provided resolved your issue, so others can benefit from similar issues.


Thanks!

Arul

Actions

This Discussion