Hello,
I am unable to setup a tunnel VPN between a stonesoft and a ESG 6.3.3.
I already have 3 working IPsec VPN with 2 sonicwall and Azure.
It seems the stonesoft couln't recognize the ESG as a valid VPN gateway, it doesn't pass the phase 1.
Please see the log at the Stonesoft side:
"No rule found for IKE peers XX.XX.XX.XX and XX.XX.XX.XX: Peer IP address mismatch"
"Sending error notify, no proposal chosen"
"IKE state start sa negociation R: outgoing ike SA values processing failed: No proposal Chosen.
The log at the NSX side:
2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] pending Quick Mode with XX.XX.XX.XX "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" took too long -- replacing phase 1
2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: initiating Main Mode to replace #9612
2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message
2017-11-28T11:04:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:04:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message
2017-11-28T11:04:50+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:04:50+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message
2017-11-28T11:05:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:05:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message
2017-11-28T11:06:10+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:06:10+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message
2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] pending Quick Mode with XX.XX.XX.XX "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" took too long -- replacing phase 1
2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: initiating Main Mode to replace #9613
2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]: [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: received and ignored informational message
Is there a way to have more debug information on the nsg?
Do you have any idea do help me solve this issue?