Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IKE v2 doesn't have a proposal specified

why do I get that error, even when never IKEv2 has been used or enabled in a L2L config?

on 4 identically configured asas, I only get that error on 1 device, and so the tunnel doesn't come up.

thx for tipps

DN

Everyone's tags (6)
3 REPLIES
Hall of Fame Super Silver

IKE v2 doesn't have a proposal specified

There must be something different with the non-working one.

I would assume you've verified the software version (8.4(1) or later) and the configuration lines supporting your IKEv2 L2L tunnel?

Beyond that, I'd suggest providing the config for us to have a first-hand look.

New Member

Re: IKE v2 doesn't have a proposal specified

all asas have 8.4.3 installed.

i have NO IKEv2 activated. So why should I find lines supporting that? the pre-installed IKE policies are there, yes. But nothing more. I will provide you with the configs as soon as the devices are reachable again...

--edit--

In the main office I see 3 asas connecting in the syslog messages. the one with the most problems is not visible.

I'm connected via rdp on a server behind the asa in the branchoffice. From there I have the asdm open and I'm seeing that the asa tries to build up the tunnel. But on the mainoffice I don't see any try for connecting.

Very strange. How can that be? From that asa I can ping the public IP of the mainoffice - and there I see the pings coming and replying.

Thx

DN

Hall of Fame Super Silver

Re: IKE v2 doesn't have a proposal specified

Could you have possibly omitted specifying IKE version altogether on the non-working VPN tunnel? That was the default prior to 8.4 when there was no IKEv2 support.

That might cause it to try both protocols and, since neither end has an IKEv2 proposal chosen, fail with the message you are seeing.

7290
Views
0
Helpful
3
Replies
CreatePlease to create content