Verify that the Proxy IDs on the NetScreen match the local and remote setting on the Cisco. If you're doing route-based VPN on the NS, this is in the "AutoKey IKE" section. If it's a policy-based VPN, make sure that the address entries match the local/remote of the Cisco (and DON'T USE ADDRESS GROUPS!).
For troubelshooting purposes, on the NS, use the command "set ike accept-all-proposals". This will allow the connection to be made and thus you'll see what the Cisco thinks you should be using. Adjust appropriately and then issue the command "unset ike accept-all-proposals" since that's a little too open for most environments (read: security risk).
I am trying to setup an VPN between a NetScreen 25 and Cisco 837. We are unable to get past Phase one, the logs from the cisco box tells me that policies match, then it doesn't get past exchanging the key. I have tried the "set ike accept-all-proposal" but this has made no difference. Are you able to let me know how you configured your netscreen??
I'm sure the problem is the config of the netscreen but am not sure how the netscreen should be setup to work with an incoming vpn from the cisco box.
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM.
Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita...
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion
APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks.
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe...
The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th...