VPN Site-to-Site XG and Zywall USG 200

Question

Hi everyone 
 i've got a problem with a new XG 135 that replace an old Zywall USG 100. The old USG 100 was vpn-connected with a USG 200 and after all the initial configurations i started to configure the VPN site to site. Put the same configuration that the old one had. But ive got this error: 
 Log on XG 
 
 Log on Zywall USG 200 
 
 I've try main mode and aggressive mode: nothing changes! 
 My configuration on XG are: 
 No compress- Main mode 
 Phase1: 
 AES256 enc SHA1 Auth DES enc MD5 Auth 
 DH Group 1 and 2 
 Keylife: 86400 re-key margin: 120 randomize: 0% 
 DPD enabled (300-5-disconnect) 
 Phase2: 
 DES enc MD5 Auth 
 3DES enc SHA2 256 Auth 
 PFS Group: 2 
 Key Life: 86400 
 No Nat Trasversal 
 
 ON Zywall USG 200: 
 Phase1 
 SA Life time: 86400 
 Negotation Mode: Main 
 Proposal 
 AES256 Enc SHA1 Auth DES Enc MD5 Auth 
 No Nat Trasversal 
 DPD enabled 
 Nailed-Up and Enabled NetBIOS broadcast over IPSec 
 MSS Adjustment AUTO 
 Phase2 
 SA Life time: 86400 
 Active Protocol: ESP 
 Encapsulation: Tunnel 
 Proposal: 
 DES enc MD5 Auth 
 3DES enc SHA256 Auth 
 PFS DH2 
 
 Some can help me to resolve this mistery??? 
 Marco Alunni Pini 
 Sigma Informatica s.r.l.

Marco Alunni Pini · Accepted Answer

Sophos helps me!!! 
 It was a little bug in Zywall USG 200. The proposal in phase 1 was bugged. Ive put MD5 and 3DES in both phase 1 and phase 2. 
 Done!