IPsec VPN USG Flex 200 error

Options
hello,
I am trying to set up a point to point ipsec vpn on a USG Flex 200, my side is the client.
I have used the wizard and it has created the gateway and the connection but I can't get it to connect.
In the log I see the error Phase 2 proposal mismatch and No proposal chosen.



I have checked within the parameters of the VPN connection in the Phase 2 Settings section that I have the Proposal AES256 and SHA512 as configured on the other side.
What could be wrong so that the connection is not established?



Thanks in advance, regards

All Replies

  • Zyxel_James
    Zyxel_James Posts: 630  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Welcome to Zyxel community.
    Could you provide the firmware version of the USG FLEX 200? and Is another site also a Zyxel device? We also need the complete logs of the negotiation.
    Is USG FLEX 200 behind NAT? or another peer?

    Moreover, for further checking, could you provide remote access via private message to me, I will check on this for you, thank you.

    James
  • Miguel_Bragado
    Options
    Hello,

    This is my installation scheme. USG is behind the router of my internet provider, but i have a 1 to 1 nat configured on this router. Firmware Version is V5.31(ABUI.0) / 2022-06-30 02:27:32




    I can provide remote access to the equipment if you tell me how to send you the credentials.

    Thanks in advance, BR

  • Zyxel_James
    Zyxel_James Posts: 630  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    You may contact me through private message, clicking my name/icon  for messages. You can limit the access to our official public IP's
    61.222.75.14
    61.220.247.157
    61.220.247.158
    61.220.247.160​
    Thank you.

    Moreover, is the remote site a Zyxel device too? is it possible to provide remote access on remote site?

    James
  • Miguel_Bragado
    Options
    Hello @Zyxel_James,

    I have sent you the remote access data by private message.

    Thank you

Security Highlight