Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ipsec Tunnel between two routers

I have two routers Cisco 837 and 2651xm. Running a debug ipsec on both routers the 837 gives what looks like thing are good. On the 2651 I get --CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from 63.25X.18X.2XX failed its sanity check or is malformed - I'm not sure what this is since the tunnels show to be up on both routers.

1 REPLY

Re: Ipsec Tunnel between two routers

Can you post the output of show crypto isakmp sa from either router this will show if indeed SA has succesfully been built or autenticated bewteen the two peers. Successful authentication will show QM_IDLE for tunnel state.

http://www.cisco.com/en/US/docs/ios/12_3t/secur/command/reference/sec_s2gt.html#wp1178099

double check "crypto isakmp keys" to be exact at both ends.

CRYPTO-4-IKMP_BAD_MESSAG is a Key Mismatch error message.

http://www.cisco-systems.se/univercd/cc/td/doc/product/vpn/solution/aswan15/omt/omt_apb.htm

Rgds

Jorge

267
Views
0
Helpful
1
Replies
CreatePlease to create content