IPsec VPN USG Flex 200 error

hello,
I am trying to set up a point to point ipsec vpn on a USG Flex 200, my side is the client.
I have used the wizard and it has created the gateway and the connection but I can't get it to connect.
In the log I see the error Phase 2 proposal mismatch and No proposal chosen.



I have checked within the parameters of the VPN connection in the Phase 2 Settings section that I have the Proposal AES256 and SHA512 as configured on the other side.
What could be wrong so that the connection is not established?



Thanks in advance, regards

All Replies

  • Zyxel_James
    Zyxel_James Posts: 136
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 5 Answers
     Ally Member
    Welcome to Zyxel community.
    Could you provide the firmware version of the USG FLEX 200? and Is another site also a Zyxel device? We also need the complete logs of the negotiation.
    Is USG FLEX 200 behind NAT? or another peer?

    Moreover, for further checking, could you provide remote access via private message to me, I will check on this for you, thank you.

    James
  • Hello,

    This is my installation scheme. USG is behind the router of my internet provider, but i have a 1 to 1 nat configured on this router. Firmware Version is V5.31(ABUI.0) / 2022-06-30 02:27:32




    I can provide remote access to the equipment if you tell me how to send you the credentials.

    Thanks in advance, BR

  • Zyxel_James
    Zyxel_James Posts: 136
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 5 Answers
     Ally Member
    You may contact me through private message, clicking my name/icon  for messages. You can limit the access to our official public IP's
    61.222.75.14
    61.220.247.157
    61.220.247.158
    61.220.247.160​
    Thank you.

    Moreover, is the remote site a Zyxel device too? is it possible to provide remote access on remote site?

    James
  • Hello @Zyxel_James,

    I have sent you the remote access data by private message.

    Thank you

Security Highlight