02-25-2007 11:31 PM - edited 02-21-2020 01:25 AM
Hi,
We are facing some problem with VPN tunnel from router to router.
We are forming tunnel from R1 to R2 on loopback address. It was working ok and suddenly it is showing status as down.
I am attaching debug cry ipsec output here in text mode.
Here we suspect :
Feb 26 11:02:40.779: ISAKMP:(0:0:N/A:0):Encryption algorithm offered does not match policy!
Coincidently it was working and suddenly gone down.
Thanks and advance
Subodh
02-26-2007 01:49 AM
Hi,
The Phase 1 attributes are matching, so thats not an issue. It seems to be an issue with the pre-shared key.
Try resetting pre-shared key on both the ends.
Hope this helps.
-Kanishka
03-08-2007 07:13 AM
Hi,
As per the debugs, it seems that you are using certs for the authentication which is failing and a possible reason is the cert on one end has expired. Please check the validity of the cert.
HTH,
Please rate if it helps,
Regards,
Kamal
03-20-2007 05:29 PM
I think the phase 1 policies are not configured on the router whose debugs are attached, do you really wanna do isakmp authentication with certificates or you have pre-shared key configured? please configure the phase 1 policy matching teh remote peer.
what re the debugs on the remote peer, is it possible for you paste the config on both the sides??
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide