I had the same problem (between a SRX and a Cisco box). It is most likely a mismatch between remote-net and local-net configurations on each router.
Try to enable traceoptions. edit security ike traceoptions [edit security ike traceoptions] set file size 1m set flag policy-manager set flag ike set flag routing-socket commit And check the kmd log. /Morten On Wed, Sep 15, 2010 at 1:27 PM, Fahad Khan <fahad.k...@gmail.com> wrote: > Hi folks, > > I am trying to establish route based VPN between SRX3600(in Ch cluster) and > SRX210, but stuck in phase 2 (no proposal chosen).. > > has any one experienced it?? > > thanks in adv > > regards, > > Muhammad Fahad Khan > JNCIP - M/T # 834 > IT Specialist > Global Technology Services, IBM > fa...@pk.ibm.com > +92-301-8247638 > Skype: fahad-ibm > http://pk.linkedin.com/in/muhammadfahadkhan > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Morten Isaksen _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp