How to solve "Received notify: INVALID ID INFO" event log error?
12/20/2019 1287 32171
The log shows "Received notify: INVALID_ID_INFO" on the initiator firewall.
INVALID_ID_INFO can occur both in Phase 1 and in Phase 2 of building up a VPN tunnel.
In Phase 1
The SonicWall received notification that the Phase 1 ID is invalid.
This is most likely to happen on an Aggressive Mode request error. Check that aggressive mode is set in the SA of both SonicWalls.
On SonicOS Enhanced firmware, you can set local and peer (remote) IKE ID's according to IP address, domain name, email address or SonicWall identifier (UFI).
In case of a Main mode tunnel, this error can be seen when the appliance at one end is behind a NAT device. SonicWall UTM appliances use their WAN IP as IKE ID by default and are expecting the other side's public IP as remote IKE ID. On SonicOS enhanced firmware, you can reconfigure the Local / Peer IKE ID with the correct IP address, or specify another parameter such as domain name, email address or UFI.
In Phase 2
This is always a case whereby Local and Destination networks do not match on either side. Please ensure the VPN policies on both Units are configured with the correct Destination and Local networks.
TIP: For more detailed information regarding Site to Site Configuration, please refer to the following KB: Types of Site to Site VPN Scenarios and Configurations