[strongSwan] Connecting from/to strongSwan and Cisco Router
IL Ka
kazakevichilya at gmail.com
Wed Oct 16 20:06:06 CEST 2019
Try to enable debug on Cisco side.
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#iosdbgs
You need to understand which proposal is declined.
I also suggest to recheck your cisco and strongswan config to ensure that
proposals for SA2 are the same.
On Tue, Oct 15, 2019 at 10:44 PM Steve Pniewski - ARTEMUS <
spniewski at artemus.us> wrote:
> When we create VPN connection, it goes through 2 phases. Only if both the
> phases are successful we can say the connection is success.
>
> In our case the phase 1 is successful.
>
> In phase 2 we are getting back a status called “NO_PROPOSAL_CHOSEN’
> message from the cisco router.
>
> We are not able to identify why this is happening , hence had included the
> logs from both sides.
>
> Anyone have experience with strongSwan connecting to Cisco Router? We
> have included logs from both sides.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20191016/941165b4/attachment.html>
More information about the Users
mailing list