FAQ-What If "got NOTIFY of type INVALID_ID_INFORMATION" or "drop message from A.B.C.D due to notification type INVALID_ID_INFORMATION" Is Displayed During IPSec Debugging

Publication Date:  2015-07-02 Views:  299 Downloads:  0
Issue Description
What If "got NOTIFY of type INVALID_ID_INFORMATION" or "drop message from A.B.C.D due to notification type INVALID_ID_INFORMATION" Is Displayed During IPSec Debugging?
Solution
This is caused by ACL differences on both IPSec interfaces. In actual applications, ACLs are used to establish security tunnels on per data flow basis for data protection. In this case, you need to check the ACLs in the security policies configured at both ends of the tunnel for any ACL mismatch. If the ACLs do not match, set the ACLs at both ends to be mutually mirrored.

END