Hello,

I have a problem in configurin IPSEC with Cisco router with destination any (0.0.0.0/0), I want to use enc-algorithem=3des and auth-algorithm=md5, once I have succedeed, but never again, I'm doing the same configuration again and again but no success, here is my configuration:

[admin@BPB-Peje] > ip ipsec peer print
Flags: X - disabled
0 address=192.168.29.9/32:500 secret="8p884nkPr1" generate-policy=no exchange-mode=main send-initial-contact=yes proposal-check=obey hash-algorithm=md5
enc-algorithm=3des dh-group=modp1024 lifetime=1d lifebytes=0

[admin@BPB-Peje] > ip ipsec proposal print
Flags: X - disabled
0 name="Peja-HQ" auth-algorithms=md5 enc-algorithms=3des lifetime=30m lifebytes=0 pfs-group=modp1024


[admin@BPB-Peje] > ip ipsec policy print
Flags: X - disabled, D - dynamic, I - invalid
0 src-address=192.178.62.0/24:any dst-address=0.0.0.0/0:any protocol=all action=encrypt level=require ipsec-protocols=esp tunnel=yes
sa-src-address=192.168.31.197 sa-dst-address=192.168.29.9 proposal=Peja-HQ manual-sa=none dont-fragment=clear

But when I do
IP IPSEC INSTALLED-SA PRINT I'm geting this
0 E spi=0x9BD2D807 direction=in src-address=192.168.29.9 dst-address=192.168.31.197 auth-algorithm=none enc-algorithm=none


Best Regards.


Faton

Im stuck with IPSEC too but maybe this would help your situation
>ip ipsec installed-sa flush

Yes, it is working perfectly, thanks a lot.

Regards.

Faton

Anytime