[Openswan Users] openSWAN to Cisco IOS
Christian Brechbühler
brechbuehler at gmail.com
Tue Nov 14 11:54:30 EST 2006
On 8/22/06, Andy Gay <andy at andynet.net> wrote:
>
> On Tue, 2006-08-22 at 11:53 -0400, Glenn Henshaw wrote:
> > What can cause the "NO_PROPOSAL_CHOSEN" message from the Cisco?
> >
> The 2 ends can't agree on phase2 parameters. Everything has to match -
> left/right subnets, encryption/authentication algorithms, PFS, probably
> more...
Similar problem here: trying to connect to a Cisco (no idea what model), we
get to this:
Nov 14 11:09:03 [pluto] "NYC" #6: initiating Quick Mode
PSK+ENCRYPT+COMPRESS+TUNNEL+PFS+UP {using isakmp#5}
Nov 14 11:09:03 [pluto] "NYC" #5: ignoring informational payload, type
NO_PROPOSAL_CHOSEN
The owner of the Cisco thing tell us that cisco doesn't like quick mode, and
that we have to disable quick mode in openswan.
Does this sound right? And if yes, how would I do it?
Thank you!
/Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20061114/0b1ba43c/attachment.html
More information about the Users
mailing list