[strongSwan] Strongswan IKEv2 not working with ASA

[Martin Willi]

Hi,

> received NO_PROPOSAL_CHOSEN notify, no CHILD_SA built

ASA sends NO_PROPOSAL_CHOSEN, which usually indicates that no matching
crypto proposal was received.

> IKEv2-PROTO-1: (1027): Failed to find a matching policy

I don't know what the ASA exactly means with "policy", but you may try
to change the phase2 proposal on the ASA to match the one you configure
in ipsec.conf using the esp= keyword.

Regards
Martin