[strongSwan] NO_PROPOSAL_CHOSEN error notify

Martin Willi martin at strongswan.org
Mon Nov 11 10:36:41 CET 2013

Previous message: [strongSwan] Antw: Re: NO_PROPOSAL_CHOSEN error notify
Next message: [strongSwan] Antw: Re: Re: NO_PROPOSAL_CHOSEN error notify
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Björn,

> initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP

> esp=aes128-sha1,aes128-md5,aes256-md5,aes256-sha1,3des-sha1,3des-md5

Your old GW seems to use PFS, but in your 5.1.1 installation you don't
include any DH groups in the esp proposal. To enable PFS in 5.1.1,
you'll have to add a DH group to each proposal.

Regards
Martin

Previous message: [strongSwan] Antw: Re: NO_PROPOSAL_CHOSEN error notify
Next message: [strongSwan] Antw: Re: Re: NO_PROPOSAL_CHOSEN error notify
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list