Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Protocol 17 and port 0 in ISAKMP ID payload

Hi everybody,

When I debug a ISKMP negocoation (debug crypto isakmp) on a Cisco router 827 or 806, I can see that the port is set to 0:

00:05:03: ISAKMP (1): ID payload

next-payload : 8

type : 1

addr : 217.128.103.68

protocol : 17

port : 0

length : 8

When I debug a ISKMP negociation on a Cisco routeur 3620 the port is set to 500:

*Mar 1 00:09:15.807: ISAKMP (1): ID payload

next-payload : 8

type : 1

protocol : 17

port : 500

length : 8

The IOS version used is 12.2.13.t1 for all models.

When the 827 or 806 routers establishes a connection to a Linux firewall, the firewall rejects the connection because the port in the ISAKMP ID payload is set to 0. When the 3620 router establishes a connection there is no problem.

It's a bug ?

Thaks for your help,

1 REPLY
Bronze

Re: Protocol 17 and port 0 in ISAKMP ID payload

I have not seen this behavior before, I would suggest re-posting with your configs from the 827 and 3620.

210
Views
0
Helpful
1
Replies
CreatePlease login to create content