Using a Cisco VPN Client 5.0 on a ASA5505 I cannot connect with IPsec. I get the following log on the ASA:
....QM FSM error(P2 struct....etc
....All IPSec sa Proposals found unacceptable!
....Mismatch: Overriding phase2 DH Group(DH group!) with phase 1 group (DH group 2)
....PHASE 1 COMPLETED
AS I understand, authentication is okey, but the client and ASA cannot find a IKE policy to agree on ? I've tried to setup several IKE's (that are listed supported with the Cisco client) but with the same result. Am I looking in the wrong direction here ? help !
PS: if this message is posted more than 1 time - well, the Cisco apache/tomcat system has been seek for the last hours..