Invalid user ID
Symptom
Invalid user ID.
Analysis
In IPsec, user IDs are used to identify data flows and to set up different IPsec tunnels for different data flows. Now, the IP address and username are used as the user ID.
The following is the debugging information:
got NOTIFY of type INVALID_ID_INFORMATION
Or
drop message from A.B.C.D due to notification type INVALID_ID_INFORMATION
Solution
Check that the ACLs in the IPsec policies configured on the interfaces at both ends are compatible. Configure the ACLs to mirror each other. For more information about ACL mirroring, see the chapter "IPsec configuration."