Problem to configure client VPN to VPN100

Gio999
Gio999 Posts: 8
Second Anniversary
edited September 2021 in Security
Hello
i have problem to set a vpn from external notebook to our lan by VPN100.
I have read this https://support.zyxel.eu/hc/it/articles/360001378833-Configurazione-da-client-VPN-a-sito-su-dispositivi-USG-ZyWall

And make as it tell but i see this error in log connection
 Default (SA Ikev1Gateway-Ikev1Tunnel-P2) is opening.
Default (SA Ikev1Gateway-P1) SEND phase 1 Main Mode  [SA] [VID] [VID] [VID] [VID] [VID] [VID]
 Default (SA <unknown>) RECV Informational  [NOTIFY] with NO_PROPOSAL_CHOSEN error
what's wrong?
Thanks

Accepted Solution

All Replies

  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    edited September 2021
    Something wrong on one of the sides of the VPN... "NO_PROPOSAL_CHOSEN" means that into phase 1 there's no match between allowed cyphers on the firewall and allowed cyphers on the client.
    Phase 1 -> check the gateway section into firewall than the phase 1 into the client.
  • PeterUK
    PeterUK Posts: 3,326  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Be sure to have Policy Control rule like from IPSec_VPN to ZyWALL as that one catches me out. 
  • Hello thanks for  your help. I have resolved it. But i have a question. I have 2 office in VPN (same zyxel model vpn100) and i have set one of this to connect the notebook from home. Now the notebook see the lan and pc where i have maked the vpn, but not see the other office. There are possible that see the 2 office?
    Thanks
  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Building the correct routes and firewall rules for the segment of IPSec
  • Thanks for your help. There are some guides  o manual about this? Thanks
  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    The user manual and a skilled-enough network competency on topology design.

    Which was the issue of the creation of the VPN? Please, mark the correct post/solution, or feel free to explain what was wrong.
    Maybe could help the next person like you that's having the same problem ;)
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Answer ✓
    Gio999 said:
    Thanks for your help. There are some guides  o manual about this? Thanks
    You can follow this post to set up.  =)
    https://community.zyxel.com/en/discussion/comment/32987#Comment_32987

Security Highlight