Setup IPSec VPN from CISCO CSR 1000v to Google Cloud VPN
252 views
Skip to first unread message
Mr Bin
Jun 26, 2018, 11:20:33 PM6/26/18
to gce-discussion
Dear all,
I am trying to setup IPSec VPN from Ciso csr 1000v (partner site) to our Google Cloud VPN (using policy based routing) but not luck. This is the log from Google Cloud VPN:
I have setup successful vpn tunnel from OpenSwan connect to Google Cloud VPN but we got stuck on this case. Anyone have experience setup on this? I will appreciated any help!
Thanks,
Navi Aujla (Google Cloud Support)
Jun 27, 2018, 5:13:16 PM6/27/18
to gce-discussion
Hello
From the logs messages you provided, it appears peer did not accept DH group MODP_2048. Here are the supported IKEv2 supported ciphers by the Cloud VPN. You may wants to verify the configuration for the Cisco csr 1000v for the supported ciphers.
We are also making efforts to publish a Google Cloud VPN interoperability guide for Cisco CSR 1000v. You can keep track of this documentation link to check the availability.
In addition, this seems like a question to post on stackoverflow.com where you have access to a large community of enthusiasts and experts to share ideas with and get support from. Please make sure to include all relevant details and error messages which would help the community troubleshoot.
From the logs messages you provided, it appears peer did not accept DH group MODP_2048. Here are the supported IKEv2 supported ciphers by the Cloud VPN. You may wants to verify the configuration for the Cisco csr 1000v for the supported ciphers.
We are also making efforts to publish a Google Cloud VPN interoperability guide for Cisco CSR 1000v. You can keep track of this documentation link to check the availability.
In addition, this seems like a question to post on stackoverflow.com where you have access to a large community of enthusiasts and experts to share ideas with and get support from. Please make sure to include all relevant details and error messages which would help the community troubleshoot.
Mr Bin
Jun 27, 2018, 10:48:04 PM6/27/18
to gce-discussion
Dear Navi,
Thanks for your response. I have checked all the document you mention above, but partner side only support Static Routing Policy, and they try to configure all the parameter same as the document in Google Cloud VPN Cipher list support. And this is the latest error mesage and we still got stuck there.
Reply all
Reply to author
Forward
0 new messages