Non-Meraki Peer to vMX Site to Site VPN

vMXNoob
Getting noticed


Hello all,

 

Question for you all: I have created a non-Meraki S2S VPN - I have control of both sides - the VPN is IKEv1.

 

Phase 1 - Matches both sides

Phase 2 Matches both sides

PSK matches 

Remote IDs are correct each end 

Subnets are correct each side 

Whatever I do, I keep getting the following message on the quick mode (phase 2):

 

received INVALID_ID_INFORMATION error notify

 

The VPN will show green in the Meraki portal - but cannot pass any traffic.

 

(The vMX) is in Azure and NAT'd as expected, but I can see all the traffic pass to the device if I start a packet capture.

 

Any tips?

Mloraditch
A model citizen

For the remote ID on the third party, you have the vMX's internal IP specified or whatever you've specified in the Local ID field?




vMXNoob
Getting noticed

Yes I did, as I previously noticed when initially configuring the VPN that the logs on the remote side were stating that the ID was incorrect, as I had the external IP. When I changed it to the internal, it brought up phase 1 of the SAs.

PhilipDAth
Kind of a big deal

If the PSK includes extended characters - try making a simple ASCII PSK and see if that makes any difference.

 

Try simplifying down to using a single subnet combination and see if that makes any difference.

 

Keep removing complexity until you get it working, and then build it back up again.
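An added example, not part of the thread or of any poster's reply: a Python pre-check for the two simplification steps suggested above (a plain ASCII PSK, and one subnet combination at a time). It assumes each peer offers one phase 2 identity pair per local/remote subnet combination and that the two sides must hold exact mirror images of each other; all function names, subnets and the PSK are constructed for illustration.

```python
import ipaddress
from itertools import product


def selectors(local_subnets, remote_subnets):
    """(local, remote) network pairs one peer would offer as phase 2 identities."""
    # strict=False masks host bits, so 10.10.0.5/24 is compared as 10.10.0.0/24
    return {(ipaddress.ip_network(loc, strict=False),
             ipaddress.ip_network(rem, strict=False))
            for loc, rem in product(local_subnets, remote_subnets)}


def host_bits_set(subnets):
    """Entries typed with host bits set; tidy these so both configs read the same."""
    return [s for s in subnets
            if ipaddress.ip_interface(s).ip != ipaddress.ip_interface(s).network.network_address]


def fmt(pairs):
    return sorted(f"{loc} <-> {rem}" for loc, rem in pairs)


def compare_peers(a_local, a_remote, b_local, b_remote):
    """Compare side A's pairs with the mirror image of side B's pairs."""
    a = selectors(a_local, a_remote)
    b_mirrored = {(rem, loc) for loc, rem in selectors(b_local, b_remote)}
    return {"matched": fmt(a & b_mirrored),
            "only_on_a": fmt(a - b_mirrored),
            "only_on_b": fmt(b_mirrored - a)}


def psk_is_plain_ascii(psk):
    """True when the PSK is printable ASCII only (the 'simple PSK' test)."""
    return psk.isascii() and psk.isprintable()


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    result = compare_peers(
        a_local=["10.10.0.0/24", "10.10.1.0/24"], a_remote=["192.168.50.0/24"],
        b_local=["192.168.50.0/24"], b_remote=["10.10.0.0/23"],  # summarised on side B
    )
    for key, pairs in result.items():
        print(key, pairs)
    print("host bits set:", host_bits_set(["10.10.0.5/24", "192.168.50.0/24"]))
    print("PSK plain ASCII:", psk_is_plain_ascii("Vpn-Test-1234"))
```

Any entry under `only_on_a` or `only_on_b` is a subnet pair that one side would propose and the other has no exact counterpart for, such as a /23 summary on one end against two /24s on the other.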

vMXNoob
Getting noticed

I have tried the PSK to a simple configuration and single subnets; still getting the following:

 

received INVALID_ID_INFORMATION error notify

 

Both devices are behind NAT - but I have captured packets and can see that they are talking to one another 🙂
