Site-to-Site tunnel issue

sameermunj
Level 1

Hello expert,

I am trying to establish a site-to-site tunnel between an ASA 5520 firewall and a Cisco 2811 router. The tunnel is not coming up: phase 1 gets completed, but phase 2 is facing the problem.

I am getting the following error:

no proposal chosen ( 14) received non routine notify message

On the same firewall, one more tunnel is working fine, and the same is the case for the Cisco 2811 router. We tried all possible combinations for authentication/encryption/group but with no success. Finally we have frozen the config of the tunnel on the router to the same as the other tunnel which is working on the router, and we are trying combinations on the ASA side to bring it up. Can you please help me on the same?

ASA Side Config

crypto map outside_map 3 match address outside_cryptomap_3
crypto map outside_map 3 set peer a.b.c.d
crypto map outside_map 3 set transform-set ESP-DES-SHA ESP-3DES-MD5 ESP-3DES ESP-DES-MD5 ESP-3DES-SHA ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
tunnel-group a.b.c.d type ipsec-l2l
tunnel-group a.b.c.d general-attributes
 default-group-policy EDGAR_ONLINE
tunnel-group a.b.c.d ipsec-attributes
 pre-shared-key ****
!

Router Side Config

crypto isakmp policy 1
 encr aes
 authentication pre-share
 group 2
!
crypto isakmp key **** address x.y.z.w no-xauth
crypto isakmp invalid-spi-recovery
crypto isakmp keepalive 10
!
crypto ipsec transform-set TransSetSun2 esp-aes esp-md5-hmac
!
crypto map CustMap redundancy replay-interval inbound 800 outbound 10000
crypto map CustMap 30 ipsec-isakmp
 set peer x.y.z.w
 set transform-set TransSetSun2
 match address protect CUST
!

5 Replies

Hi,

On the ASA replace this line:

no crypto map outside_map 3 set transform-set ESP-DES-SHA ESP-3DES-MD5 ESP-3DES ESP-DES-MD5 ESP-3DES-SHA ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5

With these two:

crypto ipsec transform-set myset esp-aes esp-md5-hmac

crypto map outside_map 3 set transform-set myset

Try again.

Federico.
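
As an added diagnostic example (not code from this thread or from Cisco), a Python script that normalises the transform sets on both sides of this tunnel and reports which entries in the ASA crypto map are identical to the router's esp-aes esp-md5-hmac set; an empty result is the Phase 2 "no proposal chosen" condition. It assumes the ASA names follow the ASA default transform-set naming scheme (ESP-AES-128-MD5 meaning esp-aes-128 with esp-md5-hmac), and that explicitly defined sets such as the suggested myset are passed in separately.

```python
"""Check whether an ASA crypto-map entry offers a Phase 2 transform set equal to the router's
(no equal set -> IKE "no proposal chosen"). Assumes ASA names such as ESP-AES-128-MD5 follow
the ASA default naming convention; explicitly defined ASA sets are passed in via `defined`."""
IOS_CIPHERS = {"esp-des": ("des", 56), "esp-3des": ("3des", 168),
               "esp-aes": ("aes", 128), "esp-null": ("null", 0)}
IOS_HASHES = {"esp-md5-hmac": "md5", "esp-sha-hmac": "sha", "esp-sha256-hmac": "sha256"}

# Constructed from the thread: the posted ASA crypto-map line and the router's transform set.
ASA_TRANSFORM_LINE = ("crypto map outside_map 3 set transform-set ESP-DES-SHA ESP-3DES-MD5 "
                      "ESP-3DES ESP-DES-MD5 ESP-3DES-SHA ESP-AES-128-SHA ESP-AES-128-MD5 "
                      "ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5")
ROUTER_TRANSFORM_LINE = "crypto ipsec transform-set TransSetSun2 esp-aes esp-md5-hmac"

def parse_ios_transform_set(line):
    """'crypto ipsec transform-set NAME esp-aes 256 esp-sha-hmac' -> (NAME, (cipher, bits, hmac)).
    The ASA defines transform sets with the same syntax, so this also parses ASA-defined sets."""
    tokens = line.split()
    name, cipher, bits, integ = tokens[3], "null", 0, "none"
    i = 4
    while i < len(tokens):
        tok = tokens[i].lower()
        if tok in IOS_CIPHERS:
            cipher, bits = IOS_CIPHERS[tok]
            if tok == "esp-aes" and i + 1 < len(tokens) and tokens[i + 1].isdigit():
                bits = int(tokens[i + 1])  # optional AES key length (128/192/256)
                i += 1
        elif tok in IOS_HASHES:
            integ = IOS_HASHES[tok]
        i += 1
    return name, (cipher, bits, integ)

def parse_asa_default_name(name):
    """ESP-AES-128-MD5 -> ('aes', 128, 'md5'); ESP-3DES -> ('3des', 168, 'none')."""
    parts = name.upper().split("-")[1:]  # drop the leading ESP
    cipher = parts[0].lower()
    bits = {"des": 56, "3des": 168, "aes": 128}[cipher]
    rest = parts[1:]
    if rest and rest[0].isdigit():
        bits, rest = int(rest[0]), rest[1:]
    return cipher, bits, (rest[0].lower() if rest else "none")

def matching_proposals(asa_map_line, ios_line, defined=None):
    """Names of ASA transform sets identical to the router's set, in the order the ASA offers them."""
    _, router = parse_ios_transform_set(ios_line)
    names = asa_map_line.split("set transform-set", 1)[1].split()
    defined = defined or {}
    return [n for n in names
            if (defined[n] if n in defined else parse_asa_default_name(n)) == router]
```

Run against the posted lines it reports ESP-AES-128-MD5 as an equal set, so if "no proposal chosen" persists once the transform sets agree, the crypto ACLs (proxy identities) and any PFS setting on each side are the next things to compare; this check does not cover them.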

Thanks for the quick reply.

So you want me to remove the extra transform sets and use only the one which is required.

Will it work now??? (Was that the only problem?)

Regards

Sameer

Well...

Phase 2 should match now. Can you test it?

I see you have spi-recovery and redundancy on the crypto map on the router side (are those for a reason)?

Federico.

Hi

Need to take the client online for this testing...

Regarding the router side parameters, we can't change much as it belongs to our client's infrastructure. Corresponding to those parameters, do you suggest we put any extra configuration on the ASA? Please let us know; accordingly we will match it.

Hi

The other transform sets belong to the other tunnel.

Anyway, after removing those statements and adding the new statements mentioned by you, phase 1 itself is not coming up...

Anything else you suspect?
