On Mon, 27 Feb 2017, Bob Miller wrote:
whse2datacenter" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW {using isakmp#2 msgid:10f75020 proposal=3DES(3)_000-SHA1(2)_000 pfsgroup=no-pfs} Feb 27 23:25:58 fw-tpc pluto[10068]: "whse2datacenter" #2: ignoring informational payload INVALID_ID_INFORMATION, msgid=00000000, length=144
Invalid ID for quick mode is a wrong error. Since at that point the ID and the entire IKE SA has been authenticated. So this error is misleading. Look at phase2/esp and/or pfs mismatches and of course leftsubnet/rightsubnet mismatches. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
