Lacking logging info for ipsec

Hi,

I’m trying to connect to Cisco IPsec (which I don’t own/control/don’t have access to) and I’m getting errors like

15:32:53 ipsec,debug fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted.
15:32:53 ipsec,debug Message: '8 '.

Settings for proposal are equal (according to admin of other side), but what I don’t understand is why I’m not getting any reasonable error messages only '8 '. that’s it. If I deliberately put incorrect proposal parameters 8 in the message sometimes changes to letter T or M.

Any comments? W/o reasonable error msg it’s kinda hard to debug connection, especially if other party is not exactly service oriented.

There should be a lot of log entries before this line
15:32:53 ipsec,debug fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted.

where you can see what proposals are accepted or rejected.

Not really:

This is all regarding phase2. Full debug (with packet) only says about aes and and sha1 being used, which is what they are supposed to be and hash being validated successfully.

16:02:50 ipsec,debug new acquire Src.SA.Ip.Redacted[0]<=>Dst.SA.Ip.Redacted[0]
16:02:50 ipsec,debug suitable outbound SP found: 192.168.1.0/24[0] 172.16.10.0/24[0] proto=any dir=out
16:02:50 ipsec,debug suitable inbound SP found: 172.16.10.0/24[0] 192.168.1.0/24[0] proto=any dir=in
16:02:50 ipsec,debug initiate new phase 2 negotiation: Src.SA.Ip.Redacted[500]<=>Dst.SA.Ip.Redacte[500]
16:02:50 ipsec,debug pfkey GETSPI succeeded: ESP/Tunnel Dst.SA.Ip.Redacte[500]->Src.SA.Ip.Redacted[500] spi=113507645(0x6c3fd3d)
16:02:50 ipsec,debug sent phase2 packet Src.SA.Ip.Redacted[500]<=>Dst.SA.Ip.Redacte[500] d38b82a95d8d0ba9:9a10698c950e173b:acfebd24
16:02:50 ipsec,debug fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted.
16:02:50 ipsec,debug Message: '8 '.