We are setting up a VPN with a partner that is identified by GCP VPN as Cico FlexVPN.
DEBUG 2024-01-02T21:39:36.918277766Z received Cisco FlexVPN Supported vendor ID
I see this in the logs:
NOTICE 2024-01-02T21:39:36.964989898Z IKE_SA vpn_xxx.xxx.xxx.xxx[3] established between xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]…xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]
I looks to me as Stage 1 is connected but then the below lines comes in the logs.
Does this mean that the other side here is not responding to the proposals?
DEBUG 2024-01-02T21:39:36.965074011Z received proposals: IKE:
DEBUG 2024-01-02T21:39:36.965098641Z configured proposals: IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/PRF_HMAC_MD5/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/CURVE_25519, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/HMAC_MD5_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/PRF_HMAC_MD5/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/CURVE_25519
NOTICE 2024-01-02T21:39:36.965112484Z VPN Gateway Cipher Suite IKE Version 2 Phase 1 Encryption Algorithms: Phase 1 Integrity Algorithms: None Phase 1 Pseudo Random Functions: Phase 1 Diffie Hellman Groups: Phase 2 Encryption Algorithms: Phase 2 Integrity Algorithms: None Phase 2 PFS Algorithms: Phase 2 Diffie Hellman Groups:
NOTICE 2024-01-02T21:39:36.965115971Z No proposal was selected.
DEBUG 2024-01-02T21:39:36.965235570Z received TS_UNACCEPTABLE notify, no CHILD_SA built
DEBUG 2024-01-02T21:39:36.965245611Z failed to establish CHILD_SA, keeping IKE_SA