I've managed to establish a VPN-RA connections using aes-128 sha.
This is the running config:
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto dynamic-map VPN_RA 20 set pfs
crypto dynamic-map VPN_RA 20 set transform-set ESP-AES-128-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic VPN_RA
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 20
I tried then to use aes-192, however i keep getting " %ASA-5-713904: All IPSec SA proposals found unacceptable!" and the connection is dropped
Some doubt then arises: do i have to employ necessarely aes-192 for both PHASE 1 and PHASE 2?
There is something else do i have to change? (DH Group 5?)