I have a similar problem, since 1.1.7 PFS in phase 2 is not working.
"Oakley Transform [AES_CBC (256), HMAC_SHA2_256, (null)] refused due to strict flag."
As you can see there is no pfs proposal sent by 1.1.7.
The same with a tunnel between 1.1.7 and pfsense 2.3.2.
When activating PFS on both there is no matching proposal, when disabling PFS on pfSense a proposal is found.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Nov 4 2016
Nov 4 2016