• April 24, 2024, 02:20:44 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210  (Read 9625 times)

amanju

  • Level 1 Member
  • *
  • Posts: 4
Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210
« on: October 11, 2010, 01:32:43 AM »
I had a DFL 210 IPSEC VPN tunnel working for the past 06 months without any error, since yesterday I have started getting the below errors on both sides of the tunnel. I haven't changed any settings on both the DFL 210's..

2010-10-11
11:28:15 Info IPSEC
1803021   
 
 
 ipsec_sa_statistics
 
done=11856 success=523 failed=11333 
2010-10-11
11:28:15 Warning IPSEC
1800109   
 
 
 ike_quickmode_failed
 
local_ip=196.28.x.x remote_ip=193.220.x.x cookies=95cd6e4cb7b9222456ceb122af5dc39f reason="No proposal chosen" 
2010-10-11
11:28:15 Warning IPSEC
1803020   
 
 
 ipsec_sa_failed
no_ipsec_sa
statusmsg="No proposal chosen" 
2010-10-11
11:28:15 Info IPSEC
1800102   
 
2010-10-11
11:28:15 Info IPSEC
1802703   
 
ike_sa_negotiation_completed
ike_sa_completed
local_peer="196.28.x.x ID 196.28.x.x" remote_peer="193.220.x.x ID 193.220.x.x" initiator_spi="95cd6e4c b7b92224" responder_spi="56ceb122 af5dc39f" int_severity=6 
2010-10-11
11:28:15 Info IPSEC
1800102   
 
ipsec_event
 
message="IPSec SA [Responder] negotiation failed:" 


Please assist me, I have even upgraded to the latest firmware but the problem persists.

Thanks
Logged

silver_surfer30

  • Level 3 Member
  • ***
  • Posts: 107
Re: Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210
« Reply #1 on: October 11, 2010, 06:30:41 AM »
I had the same issue with my greenbow vpn client for no reason.
I have modified my configuration on the DFL using IKE config mode and all sudden everything is working fine.

I'm still investigating to find the reason why this behaviour.

I've changed my vpn client with another make and do not encounter the issue.
Logged

amanju

  • Level 1 Member
  • *
  • Posts: 4
Re: Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210
« Reply #2 on: October 11, 2010, 06:37:00 AM »
What did you exactly do that resolved the problem ?
Logged

amanju

  • Level 1 Member
  • *
  • Posts: 4
Re: Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210
« Reply #3 on: October 11, 2010, 06:45:11 AM »
Sorry but I am connecting between two DFL 210 Firewalls. I can see that IPSEC doesn't establish but IKE does establish.

Even after that I cannot ping on the other sides LAN interface. This was working all perfect until Friday and stopepd working on Saturday. My ISP says they havent disabled any VPN traffic going through their links however I dont see them as a problem as as I can notice the IKE estabishes.

I am not sure why suddenly the ping and traffic stooped between the two networks.
Logged

chechito

  • Level 3 Member
  • ***
  • Posts: 193
Re: Warning IPSEC 1803020 statusmsg="No proposal chosen" DFL 210
« Reply #4 on: October 15, 2010, 07:52:57 PM »
that warning refers to encryption algorithms discrepancy between peers.

ensure ike and ipsec algorithms are consistent
Logged