Hello,
I have a problem with one of the IPsec VPN connections to a remote office.
Periodically (not often, some 1-2 times every 2 months, but now 2 times in the last 2 days) I get the message:
received bad Notification, no phase 2 found (remote unknown)
I can see that the connection to the remote peer is established, but there is no installed SA.
After flushing or restarting, the problem is not solved. Only after many hours does it start working by itself.
At the same time, the other VPN connections are working well.
The guys from the remote site blame our ROS for this problem.
Configuration:
My site:
ROS 2.9.51
/ ip ipsec proposal
add name="DK_VPN" auth-algorithms=sha1 enc-algorithms=aes-128 lifetime=8h \
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip ipsec policy
add src-address=192.168.xx.xx/24:any dst-address=192.168.yy.yy/24:any \
protocol=all action=encrypt level=require ipsec-protocols=esp tunnel=yes \
sa-src-address=xx.xx.xx.xx sa-dst-address=xx.xx.xx.xx proposal=DK_VPN \
manual-sa=none dont-fragment=clear disabled=no
/ ip ipsec peer
add address=xx.xx.xx.xx/32:500 secret="xxxxx" \
generate-policy=no exchange-mode=main send-initial-contact=yes \
proposal-check=obey hash-algorithm=sha1 enc-algorithm=3des \
dh-group=modp1024 lifetime=8h lifebytes=0 disabled=no
Remote Site:
SonicWall, see the configuration in the attached jpg file