Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1417
Views
0
Helpful
3
Replies

SRP520 IPsec with complex pre-shared key

philippsima
Level 1
Level 1

‎01-08-2012 09:34 AM

Hi!

I had lots of trouble creating an IPsec VPN tunnel between a SRP527W (FW 1.01.24 (003) Sep 7 2011) and 2811 (Version 12.4(25e)) Router.

The message on the 2811 was "IKE message from x.x.x.x  failed its sanity check or is malformed". The reason was the password complexity (or length, which I did not try out). The password I used was "$SIMA$B3nlXySl-q+C&PnI" which is not in use any more . Now I use a password without special chars and it works fine.

I think this is a bug on the SRP527W, because it works fine with an old 836. Can someone confirm that and tell me how to report a bug to cisco? I'm Cisco SMB partner, but I'm not allowed to create a TAC service request.

best regards

phil

Labels:
0 Helpful
3 Replies 3

johschaf
Level 4
Level 4

‎01-08-2012 03:23 PM

Hello Philipp Sima,

It is my understanding per the admin guide that the Pre Shared Key ("PSK") can only contain alpha numeric characters. Here is the link to the admin guide: http://www.cisco.com/en/US/docs/routers/srp520_series/srp521w/administration/srp500_admin.pdf. The PSK information is on page 184.

You can contact the Small Business Support Center to log a feature request. The US/Canada contact number is:

1-866-606-1866. International contact numbers can be found here: http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

-john

0 Helpful

philippsima
Level 1
Level 1
In response to johschaf

‎01-09-2012 07:40 AM

Hi John!

Thanks for response. You are right.

A warning in GUI would save lots of time ;-)

Thanks!

Phil

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to philippsima

‎01-09-2012 03:02 PM

For others watching this thread, newer 1.2 firmware for the SRP520W-U and SRP540 devices have just such a warning message.

Regards,

Andy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents