I'll answer my own post.
I've come to the conclusion that the OpenBSD IKEv2 implementation in iked is
incompatible with Cisco. It works between OpenBSD boxes but none of the
several Cisco ASA devices I've tried with did I get it to work. Switching to
IKEv1, i.e. ISAKMPd, works immediately.
/ Dan
Hi,
I feel that I've tried just about every permutation of the various iked and
Cisco crypto settings to get this tunnel up and it just won't work.
One endpoint is a OpenBSD 6.2 and the other is a Cisco ASA 5510 9.1(7).
I started out with high crypto settings but have adjusted down along the
wa
2 matches
Mail list logo
