VPN IPSEC IKEv2 and ANDROID13

hanphi
hanphi Posts: 1
in Security
Hi,

I'm trying to connect a smartphone under Android 13 and my USG110 with an IKEv2 connection.

My USG110 is behind an other product (not direct on internet).

I don't understand why I have : Phase 2 Local policy mismatch


Thank you for your support


281
2023-01-25 01:23:19
info
IKE
IKE SA [VPN_SMARTPHONE] is disconnected
router IP
smartphone
IKE_LOG
282
2023-01-25 01:23:19
info
IKE
The cookie pair is : 0x518de318d5b404d2 / 0x0c55ddabaa5d25e7
router IP
smartphone IP
IKE_LOG
381
2023-01-25 01:22:47
info
IKE
IPsec SA negotiation failed
router IP
smartphone IP
IKE_LOG
382
2023-01-25 01:22:47
info
IKE
[SA] : No proposal chosen
router IP
smartphone IP
IKE_LOG
383
2023-01-25 01:22:47
info
IKE
[ID] : Tunnel [VPN_SMARTPHONE] Phase 2 Local policy mismatch
router IP
smartphone IP
IKE_LOG
384
2023-01-25 01:22:47
info
IKE
[AUTH] Recv:[IDi][IDr][NOTIFY][AUTH][SA][TSi][TSr][CONF]
smartphone IP
router IP
IKE_LOG
385
2023-01-25 01:22:46
info
IKE
[INIT] Send:[SAr1][KE][NONCE][NOTIFY][CERTREQ][VID][VID][VID][VID][VID]
router IP
smartphone IP
IKE_LOG
386
2023-01-25 01:22:46
info
IKE
The cookie pair is : 0x518de318d5b404d2 / 0x0c55ddabaa5d25e7 [count=4]
router IP
smartphone IP
IKE_LOG
387
2023-01-25 01:22:46
info
IKE
Recv IKE sa: SA([0] protocol = IKE (1), AES CTR key len = 256, AES CBC key len = 256, AES CTR key len = 192, AES CBC key len = 192, AES CTR key len = 128, AES CBC key len = 128, HMAC-SHA512-256, HMAC-SHA384-192, HMAC-SHA256-128, AES-XCBC-96, unknown integ
smartphone IP
router IP
IKE_LOG
388
2023-01-25 01:22:46
info
IKE
[INIT] Recv: [SA][KE][NONCE][NOTIFY][NOTIFY]
smartphone IP
router IP
IKE_LOG
389
2023-01-25 01:22:46
info
IKE
Receiving IKEv2 request
smartphone IP
router IP
IKE_LOG
390
2023-01-25 01:22:46
info
IKE
The cookie pair is : 0x0c55ddabaa5d25e7 / 0x518de318d5b404d2 [count=3]
smartphone IP
router IP
IKE_LOG
















Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)