cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1881
Views
0
Helpful
4
Replies

Encryption algorithm offered does not match policy

shjengschool
Level 1
Level 1

Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(15)T1.

VPN Client Version 4.8.02.0010

Dear Friends,

Configured vpn gateway to accept remote access connections from VPN client. Am receiving the above tittled error. Would deeply appreciate someones help on this.

Attached is the router config and error message received when issued the command debug crypto isakmp.

Regards,

Sunoj

4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

Sunoj

I am a bit puzzled about what you have posted. The error messages show 14 different transforms being attempted but the config that you posted shows only a single transform. Are these error messages really being generated on the router that has this configuration?

HTH

Rick

HTH

Rick

Yes. Doesn't those attempts means it tried 14 times for the policy 10 and then moved to the default policy?

Hi please find attached the latest debug ouput for the same issue.

Sunoj

It is not just that it tries 14 times but each of those 14 are a unique combination of encapsulation, hash, authentication, etc. Where are the 14 variations within the transform set?

I have found that very occasionally the behavior of a router will differ from what is shown in the config (and frequently seems to reflect confusion about this that were inserted into the config, changed, and/or deleted from the confi during testing). In those cases I have found that it frequently is helpful to save the config, reboot the router and see if the behavior changes. Are you in a position to reboot this router and try the VPN again?

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: