Knowledge Search


×
 

Received notify message for DOI [1] [14] [NO_PROPOSAL_CHOSEN]

  [KB6168] Show Article Properties


Summary:
This article describes the issue of the notify message being generated for DOI <1> <14> < no_proposal_chosen >.
Symptoms:

Environment:

  • IKE Phase 1 negotiation is successful.

  • Phase 2 initiated the negotiation, before the <NO_PROPOSAL_CHOSEN> message was generated.

Symptoms and errors:

  • Received the notify message for DOI <1> <14> <NO_PROPOSAL_CHOSEN>.

  • IKE Phase 2 negotiation fails.
Cause:
This issue indicates a mismatch in proposals between the two peers. Chances are, one side has nopfs, whereas the other side has perfect forward secrecy enabled.
Solution:
Change the Phase 2 proposal on NetScreen from nopfs-xxx-xxxx-xxx  to  g2-xxx-xxxx-xxx. For example, If phase 2 proposal is nopfs-esp-3des-sha, change it to g2-esp-3des-sha.

For more information, refer to:

Related Links: