[Openswan Users] connection to CISCO 1720, NO_PROPOSAL_CHOSEN
Joachim Gruhn
joachim.gruhn at snap.de
Thu Mar 11 13:04:14 CET 2004
hi,
I have problems to establish a VPN tunnel from a SuSE Linux 9 host with
FreeS/Wan 1.99 installation to a CISCO 1720 VPN Gateway where the linux
box is the initiator. The proposol payloads (4) initiating the QUICK
MODE (I1) will not be accetpted by the CISCO 1720. The first two
transform payloads offers ESP_AES encryption which are not supported by
the 1720. The last two transform payloads offers ESP_3DES which should
be accepted by the 1720, but did not appear in the trace of the CISCO
Gateway. The sequence ends up with a notification payload
"NO_PROPOSAL_CHOSEN" at the freeswan side.
If the CISCO VPN Gateway acts as the initiator, a connection can be
established and everything seems fine.
It is a bug in freeswan? Is it possible to disable a specific encryption
(ESP_AES) for a specific connection definition?
Any idea is welcome.
Regards
Joachim
More information about the Users
mailing list