EZD0981I   Unable to set ID - ID mismatch

Explanation

The Internet Key Exchange (IKE) daemon could not set the ID of a security endpoint because the data did not match what was expected. This might occur when initiating a phase 1 security association (SA) negotiation and the responder used a different identity than was expected based on local configuration.

Additional diagnostic messages that have the same message instance number will be issued to further identify the impacted SA. The message instance number precedes the message number in the log output and is used to group related messages from the IKE daemon.

System action

The request failed; IKE daemon processing continues.

Operator response

Verify that the LocalSecurityEndpoint and RemoteSecurityEndpoint statements have valid identity strings and are defined correctly. Review the configuration of the IKE peer to confirm that it uses the same identity as is locally configured.

System programmer response

None.

Module

doi.cpp

Procedure name

None.