Hi,
I have a site-to-site IPSec VPN between a cisco 837 ADSL router and a Fortigate 60 firewall appliance. The tunnel is up and passing traffic OK, however in the log it is showing the following: %CRYPTO-6-IKMP_BAD_DOI_NOTIFY: DOI of 0 in notify message from [fortigate_ip]
I have run in a few directions and can't seem to find a meaning or resolution for that error.
Relevant sections of my config are below:
crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 5 crypto isakmp key [psk] address [fortigate_ip]
crypto ipsec transform-set cm-transformset-1 esp-3des esp-md5-hmac
crypto map cm-cryptomap 1 ipsec-isakmp set peer [fortigate_ip] set transform-set cm-transformset-1 match address site2sitevpn
interface Dialer0 ... crypto map cm-cryptomap
ip access-list extended internet permit esp any any ... permit udp any any eq non500-isakmp permit udp any any eq isakmp
ip access-list extended nonat deny ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.0.255 permit ip 192.168.10.0 0.0.0.255 any ip access-list extended site2sitevpn permit ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.0.255 dialer-list 1 protocol ip permit ! route-map nonat permit 10 match ip address nonat
Thanks in advance, Will Mays