<![CDATA[Windows 10 Client, peer to aggressive]]>

<![CDATA[Windows 10 Client, peer to aggressive]]>Seems like my P2 are failing

Windows 10 client, and IKEv2 IPSec mobile in pfSense

I get "peer to aggressive" in the IPSec logs in pfSense:
ignoring IKE_SA setup from xxx.xxx.xxx.xxx, peer too aggressive

Why is that?

]]>https://forum.netgate.com/topic/158540/windows-10-client-peer-to-aggressiveRSS for NodeTue, 16 Jun 2026 08:44:36 GMTSun, 22 Nov 2020 14:58:06 GMT60<![CDATA[Reply to Windows 10 Client, peer to aggressive on Tue, 24 Nov 2020 19:03:54 GMT]]>I have been testing DH group 19 and 20, but that resulted in "Peer to aggressive". Offcourse I had the same settings on both phase 1 and phase 2 and in Windows 10 and pfSense IKEv2 Mutual RSA config.

Changed to DH Group 14, and that worked.

What can be the reason?

]]>https://forum.netgate.com/post/947383https://forum.netgate.com/post/947383Tue, 24 Nov 2020 19:03:54 GMT