Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 532 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why won't RoadWarrior work?

BrucekConvergent
This has me pulling my hair out.. I've configured the ASL 6.102 server and ASC client per the KB article, yet I keep getting "PROPOSAL_NOT_CHOSEN" messages in the ASC log when I attempt to connect... both IKE and IPSEC profiles are set to AES_PFS, matches the ASL box perfectly, have even tried other profiles... still complains.  Any ideas?


This thread was automatically locked due to age.
Parents
  • 0
    Answered my own question:  

    :06:10 (none) pluto[5846]: "D_ConvergentVPN_0"[7] 65.188.10.84 #7: peer requested 31522200 seconds which exceeds our limit 86400 seconds. Attribute OAKLEY_LIFE_DURATION (variable length)



    It looks like a bug with the INI file that ASL exports.. I had to manually set the lifetimes back to 24 hours (ASC, as imported, had 1 year in there), connection worked fine after that.  I will report this to astaro support.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0
    Answered my own question:  

    :06:10 (none) pluto[5846]: "D_ConvergentVPN_0"[7] 65.188.10.84 #7: peer requested 31522200 seconds which exceeds our limit 86400 seconds. Attribute OAKLEY_LIFE_DURATION (variable length)



    It looks like a bug with the INI file that ASL exports.. I had to manually set the lifetimes back to 24 hours (ASC, as imported, had 1 year in there), connection worked fine after that.  I will report this to astaro support.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Cookie Information Banner