06-26-2008 01:06 PM - edited 03-09-2019 08:58 PM
I have a ASA 5510 and a PIX 506 that I am trying to setup with site-to-site. However, I keep getting error in logs "All IPSec SA proposals found unacceptable". Are these two devices compatible for site-to-site? And if so what is a transform-set that will work?
06-26-2008 01:21 PM
I dont see why not.
the eror indicate ISAKMP proposals are mismatched between the two VPN devices.
the last time this happened to me perfect forward secrecy was enable on one device and not on the other so make sure forward secrecy is disable on both firewalls.
06-27-2008 03:02 AM
Please have a look at this link:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805c5ad9.shtml
Regards
Farrukh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: