 
andriesh
just joined
Topic Author
Posts: 4
Joined: Sat Jun 09, 2018 12:18 pm

v6.43rc23 IPSec bug

Sat Jun 09, 2018 12:32 pm

Hi,
I just upgraded my RB751U-2HnD to v6.43rc23 version and encountered a very strange and annoying bug related to IPSec proposal configuration.
My phase 1 proposal has the hash algorithm SHA1, which I clearly checked via winbox, but it wasn't working and I was getting the error "no valid proposal".
After messing around with the configuration on both peers I decided to try the MD5 algorithm. And suddenly it worked!
Actually the checkbox MD5 has the value SHA1.
I don't know if this is related to winbox (version 3.14) or to the new RouterOS version, but please fix it.

P.S. I encountered some similar issues on version 6.42.3 related to DHCP Server and Bridge configurations.
For example: I couldn't update the values of the DHCP server, so I had to remove it and recreate it with exactly the same values I needed.
 
sid5632
Long time Member
Posts: 554
Joined: Fri Feb 17, 2017 6:05 pm

Re: v6.43rc23 IPSec bug

Sun Jun 10, 2018 11:19 am

"Proposals" appears to have been renamed "Policy Proposals" and a new tab added called "Peer Proposals".
This is the source of your confusion, as your screen capture was for "Peer Proposals", although you helpfully cut off the title of the dialog box, and the command line print was for "Policy Proposals".
"/ip ipsec proposal print" and "/ip ipsec peer proposal print" are the relevant commands.
 
andriesh
just joined
Topic Author
Posts: 4
Joined: Sat Jun 09, 2018 12:18 pm

Re: v6.43rc23 IPSec bug

Tue Jun 12, 2018 11:50 am

"Proposals" appears to have been renamed "Policy Proposals" and a new tab added called "Peer Proposals".
This is the source of your confusion, as your screen capture was for "Peer Proposals", although you helpfully cut off the title of the dialog box, and the command line print was for "Policy Proposals".
"/ip ipsec proposal print" and "/ip ipsec peer proposal print" are the relevant commands.
Let me elaborate the problem more precisely:
In winbox I choose SHA1 as the hash algorithm. In console it shows as SHA1, but the tunnel is down, and I'm clearly getting the error "no phase 1 valid proposal" in the logs. Weird, isn't it?
Then I'm changing it to MD5 via winbox, press the Apply button and voila, it works! Checked the console and it shows SHA1. I even restarted winbox and MD5 was still there.

Hope I described the issue clearly enough. :)
 
msatter
Forum Guru
Posts: 2912
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc23 IPSec bug

Tue Jun 12, 2018 2:38 pm

Please report your findings to MikroTik support: support@mikrotik.com and state your RouterOS version and Winbox version also. Please include the link to this topic.
 
emils
Forum Veteran
Posts: 906
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.43rc23 IPSec bug

Tue Jun 12, 2018 3:32 pm

We are aware of the issue and it will be fixed in future release candidate versions. In the meantime, it is advised to use the console to change IPsec Peer Proposal settings.
