Make sure that your pre shared key matches and that your auth type are the same. I.e. If you are using 3des on the firewall, make sure to use 3des on Shrew. Try not to use "auto" as some firewalls do not support this.
**** Sent From Blackberry Wireless Handheld **** ________________________________ From: [email protected] <[email protected]> To: nikish bhat <[email protected]> Cc: [email protected] <[email protected]> Sent: Fri Oct 12 02:53:57 2012 Subject: Re: [vpn-help] Tunnel not coming up ..Urgent .. Hi Nikish, 12/10/02 18:56:11 ii : received peer NO-PROPOSAL-CHOSEN notification Check your configuration (Parameter of Phase 1, it is not the same between the client and your vpn gateway ) Regards, On Tue, Oct 2, 2012 at 3:38 PM, nikish bhat <[email protected]> wrote: Hi Team, I am using shrew client version 2.1.7 to connect to an SRX-100 VPN gateway with JUNOS 11.4 but I am getting the below mentioned error everytime.I am trying it from the past 3-4 days but still no luck. I am having WIN7 64-bit on my windows machine. I am really struggling to get the tunnel enabled. Appreciate any help. 12/10/02 18:56:01 ii : ipc client process thread begin ... 12/10/02 18:56:01 <A : peer config add message 12/10/02 18:56:01 DB : peer added ( obj count = 1 ) 12/10/02 18:56:01 ii : local address x.x.x.x selected for peer 12/10/02 18:56:01 DB : tunnel added ( obj count = 1 ) 12/10/02 18:56:01 <A : proposal config message 12/10/02 18:56:01 <A : proposal config message 12/10/02 18:56:01 <A : client config message 12/10/02 18:56:01 <A : xauth username message 12/10/02 18:56:01 <A : xauth password message 12/10/02 18:56:01 <A : local id '[email protected]' message 12/10/02 18:56:01 <A : preshared key message 12/10/02 18:56:01 <A : peer tunnel enable message 12/10/02 18:56:01 DB : new phase1 ( ISAKMP initiator ) 12/10/02 18:56:01 DB : exchange type is aggressive 12/10/02 18:56:01 DB : x.x.x.x::500 <-> x.x.x.x:500 12/10/02 18:56:01 DB : eba815e2952d5cf8:0000000000000000 12/10/02 18:56:01 DB : phase1 added ( obj count = 1 ) 12/10/02 18:56:01 >> : security association payload 12/10/02 18:56:01 >> : - proposal #1 payload 12/10/02 18:56:01 >> : -- transform #1 payload 12/10/02 18:56:01 >> : key exchange payload 12/10/02 18:56:01 >> : nonce payload 12/10/02 18:56:01 >> : identification payload 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports XAUTH 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports nat-t ( draft v00 ) 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports nat-t ( draft v01 ) 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports nat-t ( draft v02 ) 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports nat-t ( draft v03 ) 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports nat-t ( rfc ) 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports FRAGMENTATION 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local supports DPDv1 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local is SHREW SOFT compatible 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local is NETSCREEN compatible 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local is SIDEWINDER compatible 12/10/02 18:56:01 >> : vendor id payload 12/10/02 18:56:01 ii : local is CISCO UNITY compatible 12/10/02 18:56:01 >= : cookies eba815e2952d5cf8:0000000000000000 12/10/02 18:56:01 >= : message 00000000 12/10/02 18:56:01 -> : send IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 533 bytes ) 12/10/02 18:56:01 DB : phase1 resend event scheduled ( ref count = 2 ) 12/10/02 18:56:01 <- : recv IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 102 bytes ) 12/10/02 18:56:01 DB : phase1 found 12/10/02 18:56:01 ii : processing informational packet ( 102 bytes ) 12/10/02 18:56:01 =< : cookies eba815e2952d5cf8:31e74a4caa00d17b 12/10/02 18:56:01 =< : message 17405094 12/10/02 18:56:01 << : notification payload 12/10/02 18:56:01 ii : received peer NO-PROPOSAL-CHOSEN notification 12/10/02 18:56:01 ii : - x.x.x.x:500 -> x.x.x.x:500 12/10/02 18:56:01 ii : - isakmp spi = eba815e2952d5cf8:31e74a4caa00d17b 12/10/02 18:56:01 ii : - data size 46 12/10/02 18:56:06 -> : resend 1 phase1 packet(s) x.x.x.x:500 -> x.x.x.x:500 12/10/02 18:56:11 -> : resend 1 phase1 packet(s) x.x.x.x:500 -> x.x.x.x:500 12/10/02 18:56:11 <- : recv IKE packet x.x.x.x:500 -> x.x.x.x:500 ( 102 bytes ) 12/10/02 18:56:11 DB : phase1 found 12/10/02 18:56:11 ii : processing informational packet ( 102 bytes ) 12/10/02 18:56:11 =< : cookies eba815e2952d5cf8:31e74a4caa00d17b 12/10/02 18:56:11 =< : message 17405094 12/10/02 18:56:11 << : notification payload 12/10/02 18:56:11 ii : received peer NO-PROPOSAL-CHOSEN notification 12/10/02 18:56:11 ii : - x.x.x.x:500 -> x.x.x.x:500 12/10/02 18:56:11 ii : - isakmp spi = eba815e2952d5cf8:31e74a4caa00d17b 12/10/02 18:56:11 ii : - data size 46 12/10/02 18:56:16 -> : resend 1 phase1 packet(s) x.x.x.x -> x.x.x.x:500 12/10/02 18:56:21 ii : resend limit exceeded for phase1 exchange 12/10/02 18:56:21 ii : phase1 removal before expire time 12/10/02 18:56:21 DB : phase1 deleted ( obj count = 0 ) 12/10/02 18:56:21 DB : policy not found 12/10/02 18:56:21 DB : policy not found 12/10/02 18:56:21 DB : tunnel stats event canceled ( ref count = 1 ) 12/10/02 18:56:21 DB : removing tunnel config references 12/10/02 18:56:21 DB : removing tunnel phase2 references 12/10/02 18:56:21 DB : removing tunnel phase1 references 12/10/02 18:56:21 DB : tunnel deleted ( obj count = 0 ) 12/10/02 18:56:21 DB : removing all peer tunnel refrences 12/10/02 18:56:21 DB : peer deleted ( obj count = 0 ) 12/10/02 18:56:21 ii : ipc client process thread exit ... Regards, Nikish Mob - 91 9029331403 _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
