Compatibility

Unanswered Question
Jun 26th, 2008

I have a ASA 5510 and a PIX 506 that I am trying to setup with site-to-site. However, I keep getting error in logs "All IPSec SA proposals found unacceptable". Are these two devices compatible for site-to-site? And if so what is a transform-set that will work?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
francisco_1 Thu, 06/26/2008 - 13:21

I dont see why not.

the eror indicate ISAKMP proposals are mismatched between the two VPN devices.

the last time this happened to me perfect forward secrecy was enable on one device and not on the other so make sure forward secrecy is disable on both firewalls.

Actions

This Discussion