[Swan] cisco asa IKEv2 Negotiation aborted due to ERROR: The peer's KE payload contained the wrong DH group

Dmitry Melekhov dm at belkam.com
Wed May 15 04:20:21 UTC 2019


14.05.2019 17:44, Paul Wouters пишет:
> On Tue, 14 May 2019, Dmitry Melekhov wrote:
>
>>>  Well, I mean connecting  edgeos strongswan to cisco asa.
>>>
>>>  Looks like it works good, with mobike=no, set this on centos 7 
>>> libreswan
>>>  too, need to wait more .
>>
>>
>> It works OK for strongswan, but libreswan still have problems with 
>> Cisco ASA ike2...
>
> If you can give me a little more informationa about the setup and
> libreswan version and logs of the failure, I can look into this
> further.
>
> Paul

Thank you!


I turned on debug and waiting .

Once I'll get in reproduced, I'll open issue on github.

Thank you!




More information about the Swan mailing list