This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dilian_Chernev
Collaborator
‎2023-01-29 02:49 AM

Main Mode Failed to match proposal:.... Wrong value for: Authentication Method

Hi mates,

We have an issue with RA users establishing VPN to GW and what I found in logs this:

Main Mode Failed to match proposal: Transform: AES-256, SHA1, Pre-shared secret, Group 2 (1024 bit); Reason: Wrong value for: Authentication Method

After some investigation, I found out that IPSEC VPN default certificate of the GW was expired.
Renew the certificate, installed policy and RA users were able to login again.

Just wanted to leave this info here, in case someone has the same issue. 
There is no useful information in knowledge base about it.

Thanks,

Dilian

 

2 Replies
_Val_
Admin
Admin
‎2023-01-31 03:07 AM

Thanks for sharing

0 Kudos
the_rock
Legend
Legend
‎2023-01-31 03:45 AM

Great info. Not logically obvious that would be an issue based on the error.

0 Kudos