Menu
▾
▴
Re: [Ipsec-tools-devel] 0.7.x issue?
|
From: VANHULLEBUS Y. <va...@fr...> - 2008-07-24 20:42:13
|
On Thu, Jul 24, 2008 at 01:58:18PM -0500, Peter Eisch wrote: [....] > ERROR: rejected hashtype: DB(prop#1:trns#1):Peer(prop#1:trns#2) = SHA:MD5 > ERROR: rejected enctype: DB(prop#1:trns#1):Peer(prop#1:trns#3) = > 3DES-CBC:AES-CBC > ERROR: rejected enctype: DB(prop#1:trns#1):Peer(prop#1:trns#4) = > 3DES-CBC:AES-CBC > > The config is for main, 3des, sha1, dh/pfs group 2 on both ends for both > phase 1 and phase 2. Running 0.6.7 the peer pops right up and with 0.7.1 > (as well as 0.7) it won't establish phase 1. It keeps logging lines like > above. > > Hints, tricks, ideas? Just read your logs: your config says "3DES / SHA1", but your peers sends proposals with "AES - MD5". Yvan. |