Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7696
Views
25
Helpful
4
Replies

"vendor ID seems Unity/DPD but major 69 mismatch"

Go to solution
CiscoBrownBelt
Level 6
Level 6

‎02-29-2020 04:29 PM

I see "vendor ID seems Unity/DPD but major 69 mismatch" in a working debug between 2 routers for IPSEC. Not able to find info for what this means. Any help?

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni

‎02-29-2020 05:01 PM

isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.

 

Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.

please do not forget to rate.

View solution in original post

Go to solution
Cristian Matei
VIP Alumni
VIP Alumni

‎03-01-2020 08:19 AM

Hi,

 

   That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.

 

Regards,

Cristian Matei.

View solution in original post

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni
In response to CiscoBrownBelt

‎03-01-2020 11:17 PM

These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore. 
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/ 

 

please do not forget to rate.

View solution in original post

4 Replies 4

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni

‎02-29-2020 05:01 PM

isakmp up and running. i mean phase 1 up? and so the phase2? the way you said it seems all working fine but in your debug you see vendor ID seems Unity/DPD but major 69 mismatch.

 

Dead peer detection (kind of keep alive, you there or call it a kind of control plan) is going on. however major 69 mismatch this information is optional according to IEEE this is not a mandatory unless some one prove me i am wrong this is my understand of reading the IEEE isakmp. each vendor put different attribute in isakmp heard for example cisco/juniper etc.

please do not forget to rate.

Go to solution
Cristian Matei
VIP Alumni
VIP Alumni

‎03-01-2020 08:19 AM

Hi,

 

   That message is purely informational, in general. Each vendor attaches its own proprietary info in the ISAKMP packet, and that message usually means the remote side is another vendor , which means the proprietary info is kinda ignored. The IPsec tunnel should still come up.

 

Regards,

Cristian Matei.

Go to solution
CiscoBrownBelt
Level 6
Level 6
In response to Cristian Matei

‎03-01-2020 07:18 PM

Awesome great. I am getting that message in VIRL between to CSR1000v routers. Any other cause for it? Yes tunnel is still up but I am just curious.
0 Helpful

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni
In response to CiscoBrownBelt

‎03-01-2020 11:17 PM

These above messages are for specific to vendor not binding with IEEE. Therefore they can be easily ignore. 
howerver in is is isakmp/ikev1 you only need to focus on the 4 stages here the link https://www.tunnelsup.com/isakmp-ike-phase-1-status-messages/ 

 

please do not forget to rate.
Customers Also Viewed These Support Documents