Unanswered Question
Jun 26th, 2008
User Badges:

I have a ASA 5510 and a PIX 506 that I am trying to setup with site-to-site. However, I keep getting error in logs "All IPSec SA proposals found unacceptable". Are these two devices compatible for site-to-site? And if so what is a transform-set that will work?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
francisco_1 Thu, 06/26/2008 - 13:21
User Badges:
  • Gold, 750 points or more

I dont see why not.

the eror indicate ISAKMP proposals are mismatched between the two VPN devices.

the last time this happened to me perfect forward secrecy was enable on one device and not on the other so make sure forward secrecy is disable on both firewalls.


This Discussion