Hello,

I'm using IPSec with OpenBSD.

I cannot connect with some Cisco appliances, a Cisco ASA and a Cisco 2951.

For these two Cisco gateways, I can see the same messages in the log:

Apr  7 16:10:00 billy isakmpd[31908]: isakmpd: phase 1 done: initiator id
X, responder id Y, src: X dst: Y
Apr  7 16:10:00 billy isakmpd[31908]: isakmpd: Peer Y made us delete live
SA peer-Y-local-X for proto 1, initiator id: X, responder id: Y

As the remote IT engineers wanted me to enable DPD, I changed the ipsec
configuration from active to dynamic, but nothing changes.

Is there something wrong in my configuration?

ike dynamic esp from 192.168.36.0/24 to 10.0.0.0/8 \
  local X peer Y \
  main auth hmac-md5 enc 3des group grp2 lifetime 28800 \
  quick auth hmac-sha1 enc 3des group grp2 lifetime 28800 \
  srcid "X" dstid "Y" \
  psk "z"

-- 
Jean-Yves Boisiaud - Alcor Consulting
24, rue de la Glycine
49250 Saint Remy la Varenne
mobile : +33 6 63 71 73 46  fixe : +33 9 72 41 19 35
