Re: Failed IPSEC L2L Tunnel between CVPN3000 and Zyxell Router
The specific details about this log message are (soon to be available on www.cisco.com):
Notify messages that cause this event are not explicitly handled in the notify processing code.
Examine the specific reason information to determine the action to take. Many notifies indicate a configuration setting that the peer does not like.
So, what does "Invalid ID info (18)" mean? It means that the Zyxell router included a value in one of its ISAKMP packets (probably the ID Payload) that the VPN3000 didn't like, probably because it's non -standard.
Can you check with the Zyxell people and see if they say that it's possible to build a tunnel between these devices. There may be some specific configuration of the device that you need to do.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...