ASA to IOS problem

Unanswered Question
May 30th, 2007
User Badges:

Hi all,

I am facing a problem trying to establish a tunnel with one of our supplier.

Their side is terminated on a IOS router currently unknown type and version (should be 12.2 - 12.4), my side is an ASA 7.2(2), configurations are attached (at least the snippet of the IOS config I was sent).

Apparently Phase 1 completes correctly but P2 fails with "Received non-routine Notify message: No proposal chosen (14)", I also attach debug from ASA with " debug crypto isakmp 129" and "debug crypto ipsec 129".

I double checked transform sets and IKE policies.

BTW I never had to use static NAT AND IPSec as here (I was asked to do so by other side) , is that configuration really feasible?

Many thanx in advance...


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion