Hello @naeemu518 ,

in the logs we two kind of error messages:

a)

*Aug 23 03:22:52.894: %SMART_LIC-6-EXPORT_CONTROLLED: Usage of export controlled features is not allowedESG-PM-ACL:[subsys-init] Init ESG-ACL subsystem starting

this means that the device is not allowed to use Export controlled security features . This really depends on the country where the device has been bought.

later during the boot we other messages that complain of usage of old algorythims like

B)

Aug 23 03:23:00.711: %CRYPTO_ENGINE-5-CSDL_COMPLIANCE_EXCEPTION_ADDED: Cisco PSB security compliance exception has been added by this platform for use of RSA Key Size
*Aug 23 03:23:00.861: %CRYPTO_ENGINE-5-CSDL_COMPLIANCE_EXCEPTION_ADDED: Cisco PSB security compliance exception has been added by Crypto IKEv2 for use of DES
*Aug 23 03:23:00.862: %CRYPTO_ENGINE-5-CSDL_COMPLIANCE_EXCEPTION_ADDED: Cisco PSB security compliance exception has been added by Crypto IKEv2 for use of 3DES
*Aug 23 03:23:00.862: %CRYPTO_ENGINE-5-CSDL_COMPLIANCE_EXCEPTION_ADDED: Cisco PSB security compliance exception has been added by Crypto IKEv2 for use of DH
*Aug 23 03:23:00.862: %CRYPTO_ENGINE-5-CSDL_COMPLIANCE_EXCEPTION_ADDED: Cisco PSB security compliance exception has been added by Crypto IKEv2 for use of MD5

and so on.

The first aspect to understand is if the router can use Export controlled features or not.

The second aspect comes from the fact that a security compliance check has been started on the system.

This check creates a log line for each algorythm of encryotion or HMAC authentication that is considered old and weak now like MD5 HMAC or DES or 3DES.

Verify the configuration of your site to site VPNs, the IKEv2 different polices , tranform sets and so on.

Hope to help

Giuseppe