IPsec VPN USG Flex 200 error

Miguel_Bragado

hello,

I am trying to set up a point to point ipsec vpn on a USG Flex 200, my side is the client.

I have used the wizard and it has created the gateway and the connection but I can't get it to connect.

In the log I see the error Phase 2 proposal mismatch and No proposal chosen.

I have checked within the parameters of the VPN connection in the Phase 2 Settings section that I have the Proposal AES256 and SHA512 as configured on the other side.

What could be wrong so that the connection is not established?



Thanks in advance, regards

Zyxel_James

Hello @Miguel_Bragado,

Welcome to Zyxel community.

Could you provide the firmware version of the USG FLEX 200? and Is another site also a Zyxel device? We also need the complete logs of the negotiation.

Is USG FLEX 200 behind NAT? or another peer?

Moreover, for further checking, could you provide remote access via private message to me, I will check on this for you, thank you.

James

Miguel_Bragado

Hello,

This is my installation scheme. USG is behind the router of my internet provider, but i have a 1 to 1 nat configured on this router. Firmware Version is V5.31(ABUI.0) / 2022-06-30 02:27:32




I can provide remote access to the equipment if you tell me how to send you the credentials.

Thanks in advance, BR

Zyxel_James

Hello @Miguel_Bragado,

You may contact me through private message, clicking my name/icon  for messages. You can limit the access to our official public IP's

61.222.75.14

61.220.247.157

61.220.247.158

61.220.247.160​

Thank you.

Moreover, is the remote site a Zyxel device too? is it possible to provide remote access on remote site?

James

Miguel_Bragado

Hello @Zyxel_James,

I have sent you the remote access data by private message.

Thank you