I'm struggling with the following showing up from the output of "debug crypto ikev2 error"
Nov 2 08:52:01.408 PDT: IKEv2-ERROR:(SESSION ID = 487912,SA ID = 13):Received Policies: : Failed to find a matching policyProposal 1: AES-CBC-256 SHA256 SHA256 DH_GROUP_2048_MODP/Group 14 Nov 2 08:52:01.408 PDT: IKEv2-ERROR:(SESSION ID = 487912,SA ID = 13):Expected Policies: : Failed to find a matching policyProposal 1: AES-CBC-256 AES-CBC-128 3DES SHA384 SHA1 SHA384 SHA96 DH_GROUP_384_ECP/Group 20 DH_GROUP_1024_MODP/Group 2 However my proposals:
crypto ikev2 proposal low-proposal encryption aes-cbc-256 aes-cbc-192 aes-cbc-128 3des integrity sha512 sha384 sha256 sha1 group 24 21 20 19 16 15 14 5 2 crypto ikev2 proposal high-proposal encryption aes-cbc-256 aes-cbc-128 3des integrity sha384 sha1 group 20 2 crypto ikev2 proposal med-proposal encryption aes-cbc-256 aes-cbc-128 3des integrity sha384 sha1 group 20 2 and my policy:
crypto ikev2 policy shared-policy proposal high-proposal proposal med-proposal proposal low-proposal Should be checked in order until a hit is found, right? I'm not exactly sure what is wrong here as I should be allowing everything in the low proposal. Does anyone have any ideas what could be at fault?
No comments:
Post a Comment