01-08-2012 09:34 AM
Hi!
I had lots of trouble creating an IPsec VPN tunnel between a SRP527W (FW 1.01.24 (003) Sep 7 2011) and 2811 (Version 12.4(25e)) Router.
The message on the 2811 was "IKE message from x.x.x.x failed its sanity check or is malformed". The reason was the password complexity (or length, which I did not try out). The password I used was "$SIMA$B3nlXySl-q+C&PnI" which is not in use any more . Now I use a password without special chars and it works fine.
I think this is a bug on the SRP527W, because it works fine with an old 836. Can someone confirm that and tell me how to report a bug to cisco? I'm Cisco SMB partner, but I'm not allowed to create a TAC service request.
best regards
phil
01-08-2012 03:23 PM
Hello Philipp Sima,
It is my understanding per the admin guide that the Pre Shared Key ("PSK") can only contain alpha numeric characters. Here is the link to the admin guide: http://www.cisco.com/en/US/docs/routers/srp520_series/srp521w/administration/srp500_admin.pdf. The PSK information is on page 184.
You can contact the Small Business Support Center to log a feature request. The US/Canada contact number is:
1-866-606-1866. International contact numbers can be found here: http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
-john
01-09-2012 07:40 AM
Hi John!
Thanks for response. You are right.
A warning in GUI would save lots of time ;-)
Thanks!
Phil
01-09-2012 03:02 PM
For others watching this thread, newer 1.2 firmware for the SRP520W-U and SRP540 devices have just such a warning message.
Regards,
Andy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide