Gingerbread’s IPsec client and Cisco ASA

android ipsec

Android Gingerbread has added support for true IPsec VPN, and I'm trying to get this to work with my Cisco ASA 5510 appliance. On the device, I've selected PSK v1 with Xauth as the connection method. I'm seeing "all IPsec SA proposals found unacceptable" on the ASA's debug log when the device attempts to connect, and the device says "IKE negotiation failed". The transform-sets currently applied to my outside interface are ESP-AES-256-SHA and ESP-AES-256-MD5. Does anybody know the correct transform-set that I need to apply to allow Android devices to connect?

Best Answer

The issue was that perfect forward secrecy needed to be disabled.
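
To locate which crypto map entries reachable from a given interface enforce PFS, the setting the answer says had to be disabled, here is an added example (not part of the original question or answer) that scans an ASA running-config. It assumes standard ASA `crypto map` / `crypto dynamic-map` syntax; the map names, sequence numbers and peer address in the sample are constructed, and only the transform-set names come from the question.

```python
import re

# Constructed sample in ASA running-config syntax. Map names, sequence numbers
# and the peer address are placeholders; transform-set names are from the question.
SAMPLE_CONFIG = """\
crypto dynamic-map REMOTE_DYN 10 set pfs group2
crypto dynamic-map REMOTE_DYN 10 set transform-set ESP-AES-256-SHA ESP-AES-256-MD5
crypto dynamic-map LAB_DYN 10 set transform-set ESP-AES-256-SHA
crypto map OUTSIDE_MAP 20 set peer 192.0.2.10
crypto map OUTSIDE_MAP 20 set transform-set ESP-AES-256-SHA
crypto map OUTSIDE_MAP 65535 ipsec-isakmp dynamic REMOTE_DYN
crypto map OUTSIDE_MAP interface outside
"""

# "crypto map NAME SEQ ..." or "crypto dynamic-map NAME SEQ ..."
ENTRY = re.compile(r"^crypto (map|dynamic-map) (\S+) (\d+) (.+)$")
# "crypto map NAME interface IFNAME" binds a map to an interface
BIND = re.compile(r"^crypto map (\S+) interface (\S+)$")

def pfs_entries(config, interface):
    """Return (kind, name, seq, group) for each crypto map entry that sets
    PFS and is reachable from `interface`, in config order."""
    pfs, dyn_refs, bound = [], {}, set()
    for line in config.splitlines():
        line = line.strip()
        bind = BIND.match(line)
        if bind:
            if bind.group(2) == interface:
                bound.add(bind.group(1))
            continue
        entry = ENTRY.match(line)
        if not entry:
            continue
        kind, name, seq, rest = entry.groups()
        words = rest.split()
        if words[:2] == ["set", "pfs"]:
            # A bare "set pfs" carries no explicit group on the line
            group = words[2] if len(words) > 2 else "default"
            pfs.append((kind, name, int(seq), group))
        elif kind == "map" and words[:2] == ["ipsec-isakmp", "dynamic"] and len(words) > 2:
            # Static map entry that pulls in a dynamic map by name
            dyn_refs.setdefault(name, set()).add(words[2])
    reachable_dyn = {d for b in bound for d in dyn_refs.get(b, ())}
    return [e for e in pfs
            if (e[0] == "map" and e[1] in bound)
            or (e[0] == "dynamic-map" and e[1] in reachable_dyn)]

if __name__ == "__main__":
    for kind, name, seq, group in pfs_entries(SAMPLE_CONFIG, "outside"):
        print(f"crypto {kind} {name} {seq}: PFS enforced ({group})")
```

Each reported entry is a candidate for the `no crypto map ... set pfs` or `no crypto dynamic-map ... set pfs` form of the same line; entries on maps not bound to the interface are ignored.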