[Openswan Users] Connecting to Cisco VPN, getting INVALID_ID_INFORMATION followed by "perhaps peer likes no proposal"
tim at mccune.name
Wed Mar 19 13:50:52 EDT 2014
Thanks Mike. I've double-checked both the secret and the addresses in
ipsec.secrets. Also tried changing pfs to no. Still the same error. I
don't have any ability to do any debugging or change any settings on the
Cisco device. I have asked them to see if there is anything helpful
getting logged, but so far no response.
On Wed, Mar 19, 2014 at 10:18 AM, Mike Johnston <mjohnston at wiktel.com>wrote:
> I'm not too well versed on this stuff, but I have a few thoughts for you:
> - Make sure your secrets match.
> - Make sure the IP addresses in your secrets file are accurate.
> - Try doing some debugging on the ASA.
> - debug crypto isakmp 200 or even debug crypto isakmp 255
> - debug crypto ipsec
> - I never could get pfs to work between Openswan and a Cisco
> firewall. Try temporarily turning off pfs on both ends and see if you get
> any better luck.
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users