Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Reserved not zero on ID payload

-- *Cisco Moderator edited this post. All public IP addresses have been changed to nnn.xxx.yyy and nnn.zzz.yyy to mask the actual public network and configuration in this public forum. Please refrain from posting actual IP addresses to reduce security risks involved. --

PC (SSH Sentinal) ----> WEB ----> DSL500 ADSL ----> Cisco 1710 --- Internal Lan

Anyone come across this error message during initiation of an IPSec SA. Under laboratory conditions! the tunnel establishes all ok but using an ADSL Dlink DSL500 modem set for NAT/PAT and so called built-in VPN forwarding, the key exchange works but protocol gets stuck.

Several other mentions on web regarding this problem but nothing on CCO

00:04:56: ISAKMP (0:1): processing KE payload. message ID = 0

00:04:56: ISAKMP (0:1): processing NONCE payload. message ID = 0

00:04:56: ISAKMP (0:1): found peer pre-shared key matching *nnn.zzz.yyy.5

00:04:56: ISAKMP (0:1): SKEYID state generated

00:04:56: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE

Old State = IKE_R_MM3 New State = IKE_R_MM3

00:04:56: ISAKMP (0:1): sending packet to *nnn.zzz.yyy.5 (R) MM_KEY_EXCH

00:04:56: ISAKMP (0:1): Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE

Old State = IKE_R_MM3 New State = IKE_R_MM4

00:04:57: ISAKMP (0:1): received packet from *nnn.zzz.yyy.5 (R) MM_KEY_EXCH

00:04:57: ISAKMP: reserved not zero on ID payload!

00:04:57: %CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from *nnn.xxx.yyy.5 failed its sanity check or is malformed

2 REPLIES
New Member

Re: Reserved not zero on ID payload

Seems like a known bug which has been resolved in IOS version 12.2,try using 12.2

New Member

Re: Reserved not zero on ID payload

Message to moderator: ip addresses were set as bogus before posting.

Found problem to be result of incorrect copy/paste of password

2574
Views
0
Helpful
2
Replies