I see numerous people have setup Netscreen Astaro IPSec tunnels successfully. I have setup an IPSec tunnel with ASL and Netscreen myself, and it worked fine. Now I am trying to setup an Net2Net IPsec tunnel with the Netscreen on a static IP and the Astaro on a dynamic IP. Most of the configurations I have seen posted appear to have ASL on a static IP and the Netscreen on dynamic. Has anyone done this before? I am assuming that I will need to use Aggresive mode instead of Main mode, but I see no option in ASL to use Aggressive mode (although I see mentions that ASL *does* have Aggressive mode).
The netscreen has the following message:
2003-02-12 06:02:26 info IKE Phase 1: Rejected proposals from peer. Negotiations failed.
2003-02-12 06:02:26 info IKE Phase 1: Responder starts MAIN mode negotiations.
Which I assume is because ASL wants Main mode, but needs to be Aggressive.
btw, I am using ASL 3.2 and Netscreen 5XP with ScreenOS 4.x
Any insight into this issue would be appreciated. TIA!
This thread was automatically locked due to age.
