[Openswan Users] Connecting to Cisco VPN, getting INVALID_ID_INFORMATION followed by "perhaps peer likes no proposal"
Tim McCune
tim at mccune.name
Wed Mar 19 13:50:52 EDT 2014
Thanks Mike. I've double-checked both the secret and the addresses in
ipsec.secrets. Also tried changing pfs to no. Still the same error. I
don't have any ability to do any debugging or change any settings on the
Cisco device. I have asked them to see if there is anything helpful
getting logged, but so far no response.
On Wed, Mar 19, 2014 at 10:18 AM, Mike Johnston <mjohnston at wiktel.com>wrote:
> I'm not too well versed on this stuff, but I have a few thoughts for you:
>
> - Make sure your secrets match.
> - Make sure the IP addresses in your secrets file are accurate.
> - Try doing some debugging on the ASA.
> - debug crypto isakmp 200 or even debug crypto isakmp 255
> - debug crypto ipsec
> - I never could get pfs to work between Openswan and a Cisco
> firewall. Try temporarily turning off pfs on both ends and see if you get
> any better luck.
>
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140319/f796a2b2/attachment.html>
More information about the Users
mailing list