[Swan] Connecting Libreswan to Cisco ASA
dm at belkam.com
Mon Mar 29 15:10:44 UTC 2021
29.03.2021 17:49, Bruno пишет:
> Hi Dmitry.
> They sent me some screenshots of their side, but I don't think we can
> attach images here on the list, so i'll post the urls:
> https://i.imgur.com/0UKU8i1.png <https://i.imgur.com/0UKU8i1.png>
> https://i.imgur.com/UBrdJm0.png <https://i.imgur.com/UBrdJm0.png>
> https://i.imgur.com/DlGqT0N.png <https://i.imgur.com/DlGqT0N.png>
> I couldn't find any clue there. If needed I can try asking for a dump
> of the configuration from the remote site.
> Thanks for your help!
I use cli for configuring ipsec on ASA, these screenshots is hard to
read for me, although I tried and can't find what is wrong here.
Log you provided shows that ASA complains about crypto map policy
Group = A.A.A.A, IP = A.A.A.A, Skipping dynamic map
SYSTEM_DEFAULT_CRYPTO_MAP sequence 65535: cannot match peerless map when
peer found in previous map entry.
IP = A.A.A.A, Received DPD VID
I guess that problem is somewhere else- asa says there is no peer in
crypto map, but there is config for this peer,
may be they tried to configure this connection, but not completely
Yes, it is better to get config in text.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Swan