Support Center > Search Results > SecureKnowledge Details
When using AES-128 with SHA256, negotiation succeeds, but VPN tunnel fails Technical Level
Symptoms
  • When selecting AES-128 with SHA-256 for IPsec VPN, the negotiation succeeds, but VPN tunnel fails. If change to 3DES it works.

  • Kernel crash when AES is used with SHA256.
  • IKE negotiation fails with Error "No proposal choosen"
Cause

Due to sanity check being done on AES encryption algorithm, VPN traffic fails, and an SPI delete packet is sent.


Solution
Note: To view this solution you need to Sign In .