HASH N(AUTH_FAILED) when trying to establish an IPsec tunnel to Cloud Secure Web Gateway

Article ID: 217343

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

A Firewall/VPN IPsec tunnel to the Cloud Secure Web Gateway cannot be established, and the firewall's IPsec log shows an error.

Environment

  • Any Firewall Vendor
  • Cloud Secure Web Gateway

Cause

The firewall IPsec verbose logs showed the following error:

[ENC] parsed INFORMATIONAL_V1 request <Request ID>[ HASH N(AUTH_FAILED) ]
[IKE] received AUTHENTICATION_FAILED error notify

This error indicates a Phase 1 identifier mismatch.

Resolution

Review the firewall's VPN IPsec phase 1 configuration profile, and set the local ID to the given public egress IP.

This IP must be the same as the one added in the Cloud SWG portal under Connectivity > Location > Access Method Firewall VPN.
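
The check described above, as an added example (not vendor or Cloud SWG code): it looks for the AUTH_FAILED notify in a firewall log and compares the configured phase 1 local ID with the IP registered in the portal. The function names, the sample log, its request ID and the documentation-range IPs are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample: the two notify lines quoted in the article, with a
# made-up request ID and one made-up filler line in front of them.
SAMPLE_LOG = """\
[CFG] constructed filler line
[ENC] parsed INFORMATIONAL_V1 request 1234567890 [ HASH N(AUTH_FAILED) ]
[IKE] received AUTHENTICATION_FAILED error notify
"""

AUTH_FAILED = re.compile(r"N\(AUTH_FAILED\)|AUTHENTICATION_FAILED error notify")

# RFC 1918 ranges: a local ID taken from an inside interface lands here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def auth_failed_lines(log_text):
    """Return the log lines that carry the peer's AUTH_FAILED notify."""
    return [ln for ln in log_text.splitlines() if AUTH_FAILED.search(ln)]


def check_local_id(local_id, portal_ip):
    """Compare the phase 1 local ID with the IP registered in the portal."""
    expected = ipaddress.ip_address(portal_ip)
    try:
        actual = ipaddress.ip_address(local_id.strip())
    except ValueError:
        return "mismatch: local ID is not an IP address"
    if actual == expected:
        return "match"
    if any(actual in net for net in RFC1918):
        return "mismatch: local ID is a private address, not the public egress IP"
    return "mismatch: local ID differs from the IP in the portal"


def diagnose(log_text, local_id, portal_ip):
    """Check the local ID only if the log actually shows the notify."""
    if not auth_failed_lines(log_text):
        return "no AUTH_FAILED notify in log"
    return check_local_id(local_id, portal_ip)


if __name__ == "__main__":
    # 203.0.113.10 stands in for the public egress IP added in the portal.
    for candidate in ("203.0.113.10", "192.168.1.1", "fw.example.com"):
        print(candidate, "->", diagnose(SAMPLE_LOG, candidate, "203.0.113.10"))
```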