Hi, > 13[CFG] received proposals: ESP:AES_CBC_256/HMAC_SHA1_96/MODP_1536/NO_EXT_SEQ > 13[IKE] no acceptable proposal found > 13[ENC] generating IKE_AUTH response 1 [ IDr AUTH N(NO_PROP) ]
Your client sends a DH group in the CHILD_SA proposals in IKE_AUTH. This seems wrong, as a DH exchange is never done in IKE_AUTH. The proposal would match in a CREATE_CHILD_SA (as you can do a DH exchange there), but not in IKE_AUTH. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
