[x]

Troubleshooting IKE > IKE negotiation failed because no matching IKE proposals were found

 

 Next

IKE negotiation failed because no matching IKE proposals were found

Symptom

  1. The IKE SA is in Unknown state. 

    <Sysname> display ike sa
    Connection-ID   Remote                Flag         DOI
------------------------------------------------------------------
    1               192.168.222.5         Unknown      IPSEC
Flags:
RD--READY RL--REPLACED FD-FADING

  2. When IKE event debugging and packet debugging are enabled, the following messages appear:

    IKE event debugging message:

    The attributes are unacceptable.

    IKE packet debugging message:

    Construct notification packet: NO_PROPOSAL_CHOSEN.

Analysis

Certain IKE proposal settings are incorrect.

Solution

  1. Examine the IKE proposal configuration to see whether the two ends have matching IKE proposals.

  2. Modify the IKE proposal configuration to make sure the two ends have matching IKE proposals.

prev

 

up

 next

Troubleshooting IKE 

home

 IKE negotiation failed because no IKE proposals or IKE keychains are specified correctly

© Copyright 2016 Hewlett Packard Enterprise Development LP