[Vpn-help] Zywal > Shrew Client

[Matthew Grooms]

On 5/1/2007, "Oliver Meister" <oliver.meister at students.fhnw.ch> wrote:
>Hello Matthew
>
>Thank you for your quick answer.
>
>Indeed those links are refereeing to an obviously working solution.
>Although the authors are using a slightly different model of Zywal, I am
>using exactly the same set-up (beside the domain name).
>
>My current suspicion is my particular model of the firewall itself: it is
>sometimes a bit buggy.
>
...
>What proposal is it looking for, after phase1?
>
>Suggestions would be very welcome. :-)
>

A peer will send a no proposal chosen message when there is a phase1
parameter mismatch. This will typically be one of the following ...

- The authentication method
- The cipher type
- The cipher key length
- The hash algorithm
- The DH Group
- The Lifetime

I have never seen a Zywal configuration interface so Im not sure how much
help I can be. The detail level in the Zywal log output is a bit
disappointing. Is there any way to force it to include more detail? Feel
free to send me some screen shots of the phase1 parameters and an
exported site configuration (  .vpn ) file and I will do my best to help
you out the best I can.

Thanks again for trying out the client software,

-Matthew