Hello Tobias,

Remote side is asking to disable PFS Group 5:

    PFS Group 5 is not configured on our end and is not enabled by default. If this is currently required on the Andrii end then we will open a change to have this added.

Can it cause this problem? How can I disable PFS on my side? We have no DH group defined for esp, so pfs is disabled.

What I have in doc:

    pfs = yes | no
        whether Perfect Forward Secrecy of keys is desired on the connection's keying channel (with PFS, penetration of the key-exchange protocol does not compromise keys negotiated earlier). IKEv2 always uses PFS for IKE_SA rekeying whereas for CHILD_SA rekeying PFS is enforced by defining a Diffie-Hellman dhgroup in the esp parameter. Since 5.0.0 <https://wiki.strongswan.org/projects/strongswan/wiki/500> the latter also applies to IKEv1 and this parameter has no effect anymore.

I set pfs=no, and have this in my log:

    ipsec_starter[1]: Starting strongSwan 5.6.2 IPsec [starter]...
    # deprecated keyword 'pfs' in conn 'remote-asa'
    ipsec_starter[1]: # deprecated keyword 'pfs' in conn 'remote-asa'
    PFS is enabled by specifying a DH group in the 'esp' cipher suite
    ipsec_starter[1]: PFS is enabled by specifying a DH group in the 'esp' cipher suite

I have no DH group specified for ESP on my side:

    esp=aes256-sha1!

Thank you,
Andrii Petrenko
apl...@gmail.com

> On Mar 20, 2018, at 8:07 AM, Andrii Petrenko <apl...@gmail.com> wrote:
>
> Hello Tobias,
>
> Thank you for details.
> I’ve already tested with
>
> esp=aes256-sha1!
> esp=aes128-sha1!
> esp=3des-md5!
>
> No luck. Requested logs and configs from ASA by
>
> debug crypto ikev1 127
> debug crypto ipsec 127
>
> show crypto ipsec sa
>
> Thank you,
>
> Andrii Petrenko
> apl...@gmail.com
>
>> On Mar 20, 2018, at 12:45 AM, Tobias Brunner <tob...@strongswan.org> wrote:
>>
>> Hi Andrii,
>>
>> ike-scan won't help you here as it only reports on Phase 1 (IKE SA), but
>> your problem is during Phase 2 (Quick Mode, IPsec SA).
>>
>>> Remote side is not supporting pfs.
>>>
>>> IKE Phase One Parameters:
>>> Encryption Algorithm: AES 256
>>> Hash Algorithm: SHA
>>> Authentication Method: Pre-shared key
>>> Key Exchange: Diffie Hellman Group 5
>>> IKE SA Lifetime: 86400 (Cisco default)
>>>
>>> IKE Phase Two Parameters (IPSEC):
>>> Authentication: ESP with SHA-HMAC
>>> Encryption Algorithm: ESP-AES 256
>>> SA Establishment: ipsec-isakmp (IKE negotiated)
>>> IPSEC Mode Tunnel (Cisco default)
>>> IPSEC SA Lifetime (time) 3600 seconds
>>> IPSEC SA Lifetime (volume) 4608000 kilobytes
>>> PFS (Perfect Forward Secrecy) No
>>>
>>> Optional encryption if requirements differ from above:
>>> esp-3des esp-md5-hmac
>>> esp-aes 256 esp-sha-hmac
>>> esp-aes 128 esp-sha-hmac
>>>
>>> This information I have from remote side.
>>
>> Looks like esp=aes256-sha1! should be correct then. You could also try
>> esp=aes128-sha1! or esp=3des-md5! (not recommended though). And if this
>> doesn't work, ask the remote admins for the correct settings (they
>> should see in the log why the proposal was rejected).
>>
>>> Is it possible to see what the remote side offers?
>>
>> No (unless you do what ike-scan does i.e. try a number of possible
>> combinations).
>>
>> Regards,
>> Tobias
>
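The point the starter warning and the documentation excerpt above make is that, since strongSwan 5.0.0, PFS for the IPsec SA (IKEv1 Quick Mode / IKEv2 CHILD_SA) is controlled only by whether the `esp=` proposal names a Diffie-Hellman group; the `pfs=` keyword is ignored. The following is an added example, not strongSwan code and not written by anyone in the thread: a small checker that parses an `esp=` value in ipsec.conf syntax, reports whether PFS would be negotiated, and compares the local proposals against a peer's stated policy such as the Cisco sheet quoted above (PFS: No, or PFS with "Diffie Hellman Group 5", which strongSwan spells `modp1536`). The group-name table is a subset of the names strongSwan accepts; the `matches_peer_policy` rule (a proposal without a DH group is needed for a peer with PFS off, a proposal with the peer's group is needed for a peer with PFS on) is a simplification of Quick Mode proposal matching for illustration.

```python
"""Classify strongSwan ipsec.conf 'esp=' proposal strings (added example)."""

# strongSwan DH group names mapped to IANA/Cisco group numbers (subset).
DH_GROUPS = {
    "modp768": 1,
    "modp1024": 2,
    "modp1536": 5,    # Cisco "Diffie Hellman Group 5"
    "modp2048": 14,
    "modp3072": 15,
    "modp4096": 16,
    "ecp256": 19,
    "ecp384": 20,
    "ecp521": 21,
}


def parse_esp(value):
    """Parse an esp= value such as 'aes256-sha1!' or 'aes128-sha256-modp2048,aes256-sha1'.

    A trailing '!' makes the proposal list strict (only the listed suites are
    offered or accepted). Each comma-separated proposal enables PFS exactly
    when it contains a DH group name."""
    value = value.strip()
    strict = value.endswith("!")
    if strict:
        value = value[:-1]
    proposals = []
    for prop in value.split(","):
        parts = [p for p in prop.split("-") if p]
        dh = [p for p in parts if p in DH_GROUPS]
        # A proposal carries at most one DH group; anything else is a typo.
        if len(dh) > 1:
            raise ValueError("more than one DH group in proposal %r" % prop)
        group = dh[0] if dh else None
        proposals.append({
            "transforms": [p for p in parts if p not in DH_GROUPS],
            "dh_group": group,
            "dh_group_number": DH_GROUPS[group] if group else None,
            "pfs": group is not None,
        })
    return {"strict": strict, "proposals": proposals}


def pfs_status(value):
    """One-line summary of whether any proposal in the esp= value enables PFS."""
    parsed = parse_esp(value)
    groups = [p["dh_group"] for p in parsed["proposals"] if p["pfs"]]
    if not groups:
        return "PFS disabled (no DH group in any ESP proposal)"
    return "PFS enabled via DH group(s): " + ", ".join(groups)


def matches_peer_policy(value, peer_pfs, peer_dh_group_number=None):
    """Compare a local esp= value with a peer's stated Phase 2 policy.

    peer_pfs: whether the peer requires PFS; peer_dh_group_number: the group
    it expects when it does. Returns (ok, reason). Simplified matching rule,
    assumed for illustration."""
    if peer_pfs and peer_dh_group_number is None:
        raise ValueError("peer requires PFS but no DH group number was given")
    parsed = parse_esp(value)
    for p in parsed["proposals"]:
        suite = "-".join(p["transforms"])
        if not peer_pfs and not p["pfs"]:
            return True, "proposal %s has no DH group, matching peer 'PFS: No'" % suite
        if peer_pfs and p["dh_group_number"] == peer_dh_group_number:
            return True, "proposal %s offers DH group %d as the peer requires" % (
                suite, peer_dh_group_number)
    if peer_pfs:
        return False, "no proposal carries DH group %d" % peer_dh_group_number
    return False, "every proposal carries a DH group, but the peer has PFS off"


if __name__ == "__main__":
    # Values taken from the thread: local esp=aes256-sha1! and a peer sheet
    # stating "PFS (Perfect Forward Secrecy) No".
    print(pfs_status("aes256-sha1!"))
    print(matches_peer_policy("aes256-sha1!", peer_pfs=False))
    # What the peer would need instead if it did require "PFS Group 5".
    print(pfs_status("aes256-sha1-modp1536!"))
    print(matches_peer_policy("aes256-sha1!", peer_pfs=True, peer_dh_group_number=5))
```

Running it against the thread's own `esp=aes256-sha1!` reports PFS disabled and a match for a peer with PFS off, which is consistent with the starter warning: the deprecated `pfs=no` line changes nothing, and the only way to turn PFS on for this peer would be to add a group such as `modp1536` to the `esp=` line.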