crypto isakmp key <MY_KEY or MY-KEY>

I struggled for a while trying to bring up a dmvpn tunnel -- with IPSEC.

I kept receiving this error.  Cisco says it is a catch-all error.

%CRYPTO-4-IKMP_BAD_MESSAGE: IKE message from failed its sanity check or is malformed


Finally I found that my KEY was bad.   I used a hyphen "-" and it would not come up.  When I changed it to an underscore "_", it came right up.  

A lot of wasted time troubleshooting the config so many times, and it turned out to be just a bad key.  No warning comes up saying not to use a hyphen.  Maybe I am spoiled by warning messages.  ;-)


Sign In or Register to comment.