Bintec RS230a VPN NO-PROPOSAL-CHOSEN

Jfbintec

Newbie
Dabei seit
Feb. 2014
Beiträge
1
Hi everybody,
I am trying to setup a VPN access between shrew soft client versions 2.2.2 (Standard Edition) and a Bintec R230a (or Bintec RS230a) with certificate authentication. I used OpenSSL, XCA (Freeware) and also Bintec client but I always have the same problem: when I try to connect my computer to VPN, I get this log (get by VPN Trace Shrew Soft):

14/02/17 14:39:22 DB : phase1 found
14/02/17 14:39:22 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
14/02/17 14:39:22 ii : processing informational packet ( 102 bytes )
14/02/17 14:39:22 =< : cookies aa86417eb208a4ef:a112df24d3e33898
14/02/17 14:39:22 =< : message 7fc5b7a7
14/02/17 14:39:22 << : notification payload
14/02/17 14:39:22 ii : received peer NO-PROPOSAL-CHOSEN notification
14/02/17 14:39:22 ii : - xx.xx.xx.xx:500 -> 192.168.0.29:500
14/02/17 14:39:22 ii : - isakmp spi = aa86417eb208a4ef:a112df24d3e33898
14/02/17 14:39:22 ii : - data size 46

Of course, I check ports of my Bintec and they are open (500-4500). I use for this log an IKE config pull, but I try already with a static configuration IP. I check configuration phase-1 profile in my Bintec and in my client but it’s the same. I try a lot of encryption mode (AES-MD5…), auto mode with DH Exchange, Policy, and DNS... I think I try every configuration which we have in shrew soft client.
If that help you, I use a domain name and my Bintec is behind a modem. When I saw it’s doesn’t work, I used this tutorial:
http://www.neo-one.de/downloads/dokumente/Teldat [bintec%20IPSec]/IKEv2%20zwischen%20bintec%20IPSec%20Client%20und%20Gateway%20mit%20Zertifikaten.pdf
To simplify, I want use Authentication Method Mutual RSA but whatever I use, I have also the same error message: “NO-PROPOSAL-CHOSEN”
 
Top