Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About SamW
SamW
Comes here often
Member since May 16, 2022
Oct 3 2022
Community Record
3
Posts
0
Kudos
0
Solutions
Oct 2 2022
10:55 AM
I think I finally found out which Phase 2 parameter doesn't match, causing the Meraki MX to keep sending NO_PROPOSAL_CHOSEN back to Oracle. Oracle Support told me this: If using GCM, no authentication algorithm is required because authentication is included with GCM encryption. However, Meraki does not have AES-256-GCM for phase 2 encryption, so an authentication algorithm is required. The following options are supported: - HMAC-SHA-256-128 (recommended) - HMAC-SHA1-128 But the cryptographic technique HMAC is absent for Meraki as well.The messages like set ikev1 error <14> received and ignored notification payload: NO_PROPOSAL_CHOSEN will come up whenever the Phase 2 is reached. I must find a solution and cannot just replace our newly purchased MX250. Oracle has a list of "Verified CPE Devices" which include Fortinet, and we have a spare Fortigate 60F. Any concerns with putting the 60F behind the MX250 and trying to establish the VPN connection between Oracle and the 60F?
... View more
Sep 23 2022
7:53 AM
We have a site VPN set up on our Meraki MX250 with a software vendor using Oracle Cloud. The VPN connects fine as far as we can tell. The application running through the tunnel works too, but with intermittent hiccups. In the MX250 event log, I do not see any errors (that I can tell). On the Oracle side, they do see errors and believe the errors are causing the hiccups (dropped packets). Below is an excerpt from the Oracle error log. I see ikev1 error <14>, which I believe indicates a Phase 2 mismatch? But if there is a mismatch, how does the tunnel come up in the first place? And could this cause data to be intermittently dropped? Am I going down the wrong path thinking it is a Phase 2 issue? I have more details from the Oracle error log if needed. Thanks in advance for your help!
... View more
May 16 2022
2:50 PM
Hi, reviving this thread as I need to set up a site-to-site VPN from my Meraki MX250 with a business partner using Oracle Cloud. I'm looking for assistance with the Meraki IPSec settings to make this work? Oracle lists them below, but I'm thinking someone has some real-world experience or advice? Thanks in advance! https://docs.oracle.com/en-us/iaas/Content/Network/Reference/supportedIPsecparams.htm#Supported_IPSec_Parameters
... View more
© 2024 Cisco Systems, Inc.
