Thanks Deepak for pointing out commands

I have one more query, Why in Show crypto ikev2 sa -  multiple tunnel ID with same local and remote IP address with status as READY appears

Hi,

Please share output so I can explain bit more.

Hi

As requested

I have attached the file and pasted here as well, and from other end (Fortigate), error is showing NO_PROPOSAL_CHOSEN

xxxx#show crypto ikev2 sa

IPv4 Crypto IKEv2 SA

Tunnel-id Local Remote fvrf/ivrf Status
943 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/82459 sec

Tunnel-id Local Remote fvrf/ivrf Status
14330 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/25099 sec

Tunnel-id Local Remote fvrf/ivrf Status
9897 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/44570 sec

Tunnel-id Local Remote fvrf/ivrf Status
7056 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/56655 sec

Tunnel-id Local Remote fvrf/ivrf Status
6419 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/59298 sec

Tunnel-id Local Remote fvrf/ivrf Status
4105 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/68682 sec

Tunnel-id Local Remote fvrf/ivrf Status
19227 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/5081 sec

Tunnel-id Local Remote fvrf/ivrf Status
2998 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/73462 sec

Tunnel-id Local Remote fvrf/ivrf Status
14114 A.A.A.A/500 B.B.B.B/500 none/none READY
Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
--More--

Regards

Manoj Kumar