Screen OS

I need to setup a VPN to one of our vendors site and they also use Juniper Netscreen devices.  Now they setup a Policy Based VPN on their end and gave me the settings.  I createad a policy based VPN according to this KB:

http://kb.juniper.net/KB6210

However my Phase 2 keeps getting stuck at "Phase 2: Initiated negotiations".

Any ideas guys?

Hi,

Please paste the following output from both firewalls:

1) get ike coo

2) get sa

3) get event

OPen the VPN debug:

1) debug ike detail

2) clear db

 Try to send dome traffic to establish the VPN ( if monitor rekey is not enabled)

3) get db stream ( output of the debug)

Thanks

Atif

Please follow the following KB which will also help you alot:

http://kb.juniper.net/KB9221

Thanks

Atif

Ok now I'm getting this error afer it says "Initiated Phase 2", "Received a notification message for DOI 1 14 NO-PROPOSAL-CHOSEN"

Please check the Phase 2 proposal again , it is not matching between the peer VPN devices.

Thanks

Atif

Hi Mali

you should have a same proposal phase 2  on both netscreen devise

Regard