Hello,
I´ve been struggling with IPSec lately. I´m trying to establish a Site-to-Site IPSec Tunnel with a Stonesoft system and a RB750G. All configs double checked on both sides.
Our setup is:
192.168.200.0/24 >> RB750G >> D-Link ADSL Modem (Bridged) >> Internet >> Stonesoft >> 10.0.0.0/16
RouterOS IPSec config
jul/08/2013 15:05:35 by RouterOS 6.1
software id = -
/ip ipsec mode-cfg
set (unknown) name=request-only send-dns=yes
/ip ipsec policy group
set default name=default
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des
lifetime=8h name=default pfs-group=none
/ip ipsec peer
add address=.../32 auth-method=pre-shared-key dh-group=modp1024
disabled=no dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=3des
exchange-mode=main generate-policy=no hash-algorithm=md5 lifebytes=0
lifetime=1d nat-traversal=no passive=no port=500 proposal-check=obey
secret=********* send-initial-contact=yes
/ip ipsec policy
add action=encrypt disabled=no dst-address=10.0.0.0/16 dst-port=any
ipsec-protocols=esp level=require priority=0 proposal=default protocol=
all sa-dst-address=... sa-src-address=...
src-address=192.168.200.0/24 src-port=any tunnel=yes
Stonesoft (disregard 3rd block (site-to-client)):
Stonesoft logs - from RouterOS connection:
SA proposal: SA([0] protocol = IKE (1), 3DES, HMAC-MD5-96, 1024 bit MODP, HMAC-MD5 PRF; ) Pre-shared keys
From another system (not RouterOS) VPN 100%:
IKEv1 SA proposal SA([0] protocol = IKE (1), 3DES, HMAC-MD5-96, HMAC-MD5 PRF, 1024 bit MODP; ) Pre-shared keys
IPSec logs from RB750G:
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: ===
Jul/08/2013 08:37:53 ipsec,debug IPSEC: initiate new phase 1 negotiation: ...[500]<=>...[500]
Jul/08/2013 08:37:53 ipsec,debug IPSEC: begin Identity Protection mode.
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: new cookie:
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 5e9270a4976f3f3b
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: add payload of len 52, next type 13
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: add payload of len 16, next type 13
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: add payload of len 16, next type 0
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 124 bytes from ...[500] to ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: sockname ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: send packet from ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: send packet to ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: src4 ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: dst4 ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 1 times of 124 bytes message will be sent to ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 5e9270a4 976f3f3b 00000000 00000000 01100200 00000000 0000007c 0d000038
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 000c0004
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 00015180 80010005 80030001 80020001 80040002 0d000014 12f5f28c 457168a9
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 702d9fe2 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: resend phase1 packet 5e9270a4976f3f3b:0000000000000000
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: ==========
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 102 bytes message received from ...[500] to ...[500]
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 5e9270a4 976f3f3b 4643053c 5ce2c2de 0b100500 ae80b4a9 00000066 0000004a
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 00000001 0110000e 5e9270a4 976f3f3b 4643053c 5ce2c2de 800c0001 00060022
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 436f756c 64206e6f 74206669 6e642061 63636570 7461626c 65207072 6f706f73
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: 616c8008 0000
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: receive Information.
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: begin.
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: seen nptype=11(notify)
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: succeed.
Jul/08/2013 08:37:53 ipsec,debug IPSEC: fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted.
Jul/08/2013 08:37:53 ipsec,debug,packet IPSEC: notification message 14:NO-PROPOSAL-CHOSEN, doi=1 proto_id=1 spi=5e9270a4976f3f3b 4643053c5ce2c2de (size=16).
Jul/08/2013 08:37:53 ipsec,debug IPSEC: Message: '"Could not find acceptable proposal '.
So thats it. It´s been almost a week with this and no resource could point me out the exact problem. 
Any help would be appreciated.
