VPN IPsec NSX with Stonesoft

Hello,

I am unable to setup a tunnel VPN between a stonesoft and a ESG 6.3.3.

I already have 3 working IPsec VPN with 2 sonicwall and Azure.

It seems the stonesoft couln't recognize the ESG as a valid VPN gateway, it doesn't pass the phase 1.

Please see the log at the Stonesoft side:

"No rule found for IKE peers XX.XX.XX.XX and XX.XX.XX.XX: Peer IP address mismatch"

"Sending error notify, no proposal chosen"

"IKE state start sa negociation R: outgoing ike SA values processing failed: No  proposal Chosen.

The log at the NSX side:

2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] pending Quick Mode with XX.XX.XX.XX "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" took too long -- replacing phase 1

2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: initiating Main Mode to replace #9612

2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:04:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message

2017-11-28T11:04:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:04:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message

2017-11-28T11:04:50+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:04:50+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message

2017-11-28T11:05:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:05:30+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message

2017-11-28T11:06:10+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:06:10+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9613: received and ignored informational message

2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] pending Quick Mode with XX.XX.XX.XX "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" took too long -- replacing phase 1

2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: initiating Main Mode to replace #9613

2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

2017-11-28T11:06:20+00:00 NSX-edge-2-0 ipsec[22484]: [default]:  [authpriv.warning] "XX.XX.XX.XX_XX.XX.XX.XX/15-XX.XX.XX.XX_XX.XX.XX.XX/15" #9614: received and ignored informational message

Is there a way to have more debug information on the nsg?

Do you have any idea do help me solve this issue?