Failing Phase2 Auth - IPSec - All IPSec SA proposals found unacceptable
in [Cisco]
|
Prev: Failing Phase2 Auth - IPSec - All IPSec SA proposals found unacceptable
Next: ADSL interface attenuation
From: News Reader on 26 Nov 2008 21:50 scooter133(a)gmail.com wrote: > I'm getting the Below Debug info when I try to Connect my Client to > the PIX 515e. > > The Client is an iPhone. Seems like I have all of the Transforms in > there. > > How can I trouble shoot this? > > Thanks! > Scott<- > > > > 4:15:32 PM %PIX-3-713119: Group = <group>, Username = <user>, IP = > <ip>(unresolved), PHASE 1 COMPLETED > 4:15:32 PM %PIX-5-713904: Group = <group>, Username = <user>, IP = > <ip>(unresolved), All IPSec SA proposals found unacceptable! > 4:15:32 PM %PIX-3-713902: Group = <group>, Username = <user>, IP = > <ip>(unresolved), QM FSM error (P2 struct &0x2452b08, mess id > 0x9193376c)! > 4:15:32 PM %PIX-3-713902: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Removing peer from correlator table failed, no > match! > 4:15:32 PM %PIX-4-113019: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Session disconnected. Session Type: IPSec, Duration: > 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Phase 2 Mismatch > 4:15:31 PM %PIX-6-713172: Group = <group>, IP = <ip>(unresolved), > Automatic NAT Detection Status: Remote end IS behind a NAT device This > end IS behind a NAT device > 4:15:31 PM %PIX-6-113012: AAA user authentication Successful : local > database : user = <user> > 4:15:31 PM %PIX-6-113009: AAA retrieved default group policy > (<group>) for user = <user> > 4:15:31 PM %PIX-6-113008: AAA transaction status ACCEPT : user = > <user> > 4:15:31 PM %PIX-5-713130: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Received unsupported transaction mode attribute: 5 > 4:15:31 PM %PIX-6-713184: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Client Type: iPhone OS Client Application Version: > 2.2 > 4:15:31 PM %PIX-5-713131: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Received unknown transaction mode attribute: 28683 > 4:15:31 PM %PIX-6-713228: Group = <group>, Username = <user>, IP = > <ip>(unresolved), Assigned private IP address <IpSecIP>(unresolved) to > remote user Did a quick search on Google for the term "iphone ipsec transforms" and received plenty of results. The first link looked interesting in terms of identifying transform limitations of the iPhone: http://www.networkworld.com/community/node/23023 Perhaps you'll find what you are looking for in that document, or one of the others within the search results. Best Regards, News Reader |