The Internet Key Exchange (IKE) daemon could not set the ID of a security endpoint because the data did not match what was expected. This might occur when initiating a phase 1 security association (SA) negotiation and the responder used a different identity than was expected based on local configuration.
Additional diagnostic messages that have the same message instance number will be issued to further identify the impacted SA. The message instance number precedes the message number in the log output and is used to group related messages from the IKE daemon.
The request failed; IKE daemon processing continues.
Verify that the LocalSecurityEndpoint and RemoteSecurityEndpoint statements have valid identity strings and are defined correctly. Review the configuration of the IKE peer to confirm that it uses the same identity as is locally configured.
None.
doi.cpp
None.