[Openswan Users] GRE over IPSec - Cisco endpoint
Tom Stockton
tom at stocktons.org.uk
Sun Dec 20 14:04:01 EST 2009
On Fri, Dec 18, 2009 at 4:15 PM, Michael Smith <msmith at cbnco.com> wrote:
>
> On the Cisco side, the provider might have to set "mode transport" on their
> crypto ipsec transform-set.
Thanks for this Mike, unfortunately there is no option to change the
cisco config at the other end as it's fixed by the third party.
I tried to reconnect the IPSec tunnel using the changes as you
suggested, unfortunately it didn't work. I get the following repeated
message as I did previously.
"No acceptable response to our first Quick Mode message: perhaps peer
likes no proposal"
I'm pretty stuck now so any other suggestions would be very welcome.
I'll request the cisco config from the third party so that I can see
exactly what's going on ....
Cheers
Tom
More information about the Users
mailing list