Need understanding: Using V6.30.4 to implement ipsec on eoip tunnel. Setup is src/dst address and ipsec password.
Tunnel and dynamic policy is added, change default proposal to aes-256-cbc only. When apply at both ends getting remote peer as initiator and responder. Also on peer tab peer listed as sha1 - 3des aes-128, not what is in proposal. Is it right that you get both initiator and responder ( doubling up on Remote peers and Installed SA’s)
Proposal is for phase2, ipsec peer config is phase1 so it can have different algorithms than specified in proposal.