Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Who Me Too'd this topic

VPN IPSec No Proposal Chosen

L1 Bithead


I keep having issues with my IPSec sts VPN. Always have a No proposal chosen message on the Phase 2 proposal.

And then P2 proposal fails due to timeout.

I read that it could be IPSec crypto settings or proxy ID that don't match.

Proxy IDs are OK because when I put non-existing network, I don't have these messages.

Encryption settings seem also well configured.


Here is the Fortigate P2 that was working before :




Here is the Palo Alto config that i'm trying to make working :


crypto.pngIPsec tunnel.pngIPsec tunnel2.png

Who Me Too'd this topic