Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
648
Views
0
Helpful
1
Replies

ASA5505 - Cannot connect with Cisco VPN client

admin_2
Level 3
Level 3

‎04-28-2009 11:11 PM - edited ‎03-11-2019 08:25 AM

Labels:
0 Helpful
1 Reply 1

Luftslottet
Level 1
Level 1

‎04-29-2009 04:33 AM

Hmmm, tomcat/apache problmes. Well here is the original post:

Using a Cisco VPN Client 5.0 on a ASA5505 I cannot connect with IPsec. I get the following log on the ASA:

....QM FSM error(P2 struct....etc

....All IPSec sa Proposals found unacceptable!

....Mismatch: Overriding phase2 DH Group(DH group!) with phase 1 group (DH group 2)

....PHASE 1 COMPLETED

AS I understand, authentication is okey, but the client and ASA cannot find a IKE policy to agree on ? I've tried to setup several IKE's (that are listed supported with the Cisco client) but with the same result. Am I looking in the wrong direction here ? help !

Best regards,

/Kristian

Note: This post can also be found on VPN/Seurity. (double post since the webserver rejected my post x-times).

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card