Diffie-Hellman group (Group1,
Group 2, or Group 5)
The DH group is applicable to Phase 2 only if PFS is
in use.
If you have a traditional rule base, all of these are set by using an
action of "encrypt" on the applicable rule in the rule base, right-clicking on
the action and selecting "Encryption properties" or something to that
effect. If you have a simplified rule base I don't recall off the top of
my head where these settings are, but they're in there somewhere... hooked in
with VPN communities, I'm sure.
If you do not receive any messages about successful completion of Main
Mode, then you're bombing out in Phase 1. If you get Main Mode completed
and *then* get your no proposal chosen message, you're bombing out in Phase
2.
Good luck. :)
---
Russell Washington, CCSE, CCSA, NCSA
Too many
doggoned letters after my name.../
----- Original Message -----
Sent: Monday, December 30, 2002 1:27
AM
Subject: [FW-1] VPN between FP1 FP2.
Info: No proposal chosen
Hi all
I am triying to build a VPN between a NG FP1 (Intrusion box) and a NG FP2
(Windows NT SP6a).
In the first IKE phase, the firewall log : No proposal chosen.
I have checked that all feautures are the same in both firewalls.
Thanks in advanced
--------------
Regards.
Deb.
With Yahoo! Mail you can get a bigger mailbox -- choose a
size that fits your
needs