On 2008-11-25, Christoph Leser <[EMAIL PROTECTED]> wrote: > I see the above message in the tcpdump of /var/run/isakmpd.pcap, when a > cisco router establishes quick mode to my openbsd. The connect works ok, > just wondering what this message could mean. I have only seen > 'ENCAPSULATION MODE = TUNNEL' in this context.
That's the encapsulation mode used by draft-ietf-ipsec-nat-t-ike. The non-draft version uses 3 not 61443. (There is also 61433 used by some broken Watchguard products). > As connect setup fails in the opposite direction ( with NO PROPOSAL > CHOSEN from cisco ), using the same parameters. You need a lot more information to work out what's happening here.
