06-26-2008 01:06 PM - edited 03-09-2019 08:58 PM
I have a ASA 5510 and a PIX 506 that I am trying to setup with site-to-site. However, I keep getting error in logs "All IPSec SA proposals found unacceptable". Are these two devices compatible for site-to-site? And if so what is a transform-set that will work?
06-26-2008 01:21 PM
I dont see why not.
the eror indicate ISAKMP proposals are mismatched between the two VPN devices.
the last time this happened to me perfect forward secrecy was enable on one device and not on the other so make sure forward secrecy is disable on both firewalls.
06-27-2008 03:02 AM
Please have a look at this link:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805c5ad9.shtml
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide