<div dir="ltr">Hey Newbie here,<div><br></div><div>I am trying to connect to an cisco ASA router with little success. The tunnel seems to fail to come up. The error I get is as follows.</div><div><br></div><div>







<p class=""><span class="">031 "connection-safcom/0x7" #16: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x7" #16: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x6" #15: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x6" #15: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x5" #14: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x5" #14: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x4" #13: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x4" #13: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x3" #12: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x3" #12: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x2" #11: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x2" #11: starting keying attempt 2 of an unlimited number, but releasing whack</span></p>
<p class=""><span class="">031 "connection-safcom/0x1" #10: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal</span></p>
<p class=""><span class="">000 "connection-safcom/0x1" #10: starting keying attempt 2 of an unlimited number, but releasing whack</span></p><div><br></div><div>My ipsec.conf looks as follows. Is there anything that I am missing or what could I be doing wrong? I do have the elastic ip from Amazon but also using the internal private IP seems not to yield any fruits. Any pointers?</div><div><br></div><div>







<p class=""><span class="">conn connection-safcom</span></p>
<p class=""><span class="">  authby=secret</span></p>
<p class=""><span class="">  auto=start</span></p>
<p class=""><span class="">  ikelifetime=24h</span></p>
<p class=""><span class="">  forceencaps=yes</span></p>
<p class=""><span class="">  keylife=8h</span></p>
<p class=""><span class="">  rekey=yes</span></p>
<p class=""><span class="">  ike=3des-md5;modp1024</span></p>
<p class=""><span class="">  #phase2alg=aes128-sha1</span></p>
<p class=""><span class="">  #aggrmode=yes</span></p>
<p class=""><span class="">  phase2=esp</span></p>
<p class=""><span class="">  phase2alg=3des-md5;modp1024</span></p>
<p class=""><span class="">  ## phase 1 ##</span></p>
<p class=""><span class="">  keyexchange=ike</span></p>
<p class=""><span class="">  ## phase 2 ##</span></p>
<p class=""><span class="">  #esp=3des-md5</span></p>
<p class=""><span class="">  #ike=aes128-sha1-modp1024</span></p>
<p class=""><span class="">  pfs=no</span></p>
<p class=""><span class="">  type=tunnel</span></p>
<p class=""><span class="">  left=%defaultroute</span></p>
<p class=""><span class="">  leftid=<Amazon elastic ip></span></p>
<p class=""><span class="">  leftsourceip=</span><Amazon elastic ip></p>
<p class=""><span class="">  leftsubnet=<a href="http://0.0.0.0/0">0.0.0.0/0</a></span></p>
<p class=""><span class="">  ##leftsubnet=</span><Amazon internal ip/subnet></p>
<p class=""><span class="">  leftnexthop=%defaultroute</span></p>
<p class=""><span class="">  ##leftprotoport=17/1701 ##</span></p>
<p class=""><span class="">  ## for direct routing ##</span></p>
<p class=""><span class="">  right= <remote IP></span></p></div><div><br></div><div>Thanks in advance</div>-- <br><div class="gmail_signature"><div dir="ltr"><div>Regards,<br><br>Jude Mwenda<br></div></div></div>
</div></div>