Hi all,
I have two SRX1500 and I have been able to configures several profiles for Juniper Secure Connect (JSC) in one of them. However, I'm trying to do the same in the second SRX and I get this error (complete log from JSC):
Full log from Juniper Secure Connect:
15/09/2021 00:00:33 - MONITOR: Configuration download - Start configuration download (host: 10X.XXX.XXX.XXX realm: default)
15/09/2021 00:00:35 - MONITOR: Configuration download - Login success
15/09/2021 00:00:35 - MONITOR: Configuration download - Configuration time not changed
15/09/2021 00:00:35 - MONITOR: Configuration download - Logout success
15/09/2021 00:00:35 - MONITOR: Configuration download - Logout - no new configuration imported
15/09/2021 00:00:36 - SUCCESS - MONITOR: Configuration download -> Configuration is up to date
15/09/2021 00:00:36 - MONITOR: Configuration download -> Save credentials for "user1"
15/09/2021 00:00:36 - INFO - MONITOR: Configuration download -> Start vpn connection
15/09/2021 00:00:36 - System: Setting NCP virtual adapter linkstatus=0,laststate=0.
15/09/2021 00:00:36 - ncpadapter: reset IP adapter properties
15/09/2021 00:00:36 - ncpadapter: reset ipv4 properties,ip4adr=0.0.0.0
15/09/2021 00:00:36 - ncpadapter: reset_ip4_properties, manual=0
15/09/2021 00:00:36 - System: DNSHandling=0
15/09/2021 00:00:36 - IPSec: Start building connection
15/09/2021 00:00:36 - IpsDial: connection time interface choice,LocIpa=10.10.8.63,AdapterIndex=208
15/09/2021 00:00:36 - Ike: Opening connection in PATHFINDER mode : Remote_JSC
15/09/2021 00:00:36 - Ike: Outgoing connect request AGGRESSIVE mode - gateway=10X.XXX.XXX.XXX : Remote_JSC
15/09/2021 00:00:36 - Ike: ConRef=16, XMIT_MSG1_AGGRESSIVE, name=Remote_JSC, vpngw=10X.XXX.XXX.XXX:500
15/09/2021 00:00:36 - ike_phase1:send_id:ID_USER_FQDN:pid=0,port=0,juniper@edu.juniper.net
15/09/2021 00:00:36 - Ike: ConRef=16, Send NAT-D vendor ID,remprt=500
15/09/2021 00:00:36 - Ike: ConRef=16, RECV_MSG2_AGGRESSIVE, adapterindex=208,name=Remote_JSC, remote ip:port=10X.XXX.XXX.XXX:500,local ip:port=10.10.8.63:10952
15/09/2021 00:00:36 - Ike: IKE phase I: Setting LifeTime to 28800 seconds
15/09/2021 00:00:36 - Ike: Turning on XAUTH mode - Remote_JSC
15/09/2021 00:00:36 - Ike: IkeSa1 negotiated with the following properties -
15/09/2021 00:00:36 - IPSec: Final Tunnel EndPoint is=10X.XXX.XXX.XXX
15/09/2021 00:00:36 - Authentication=XAUTH_INIT_PSK,Encryption=AES,Hash=SHA_256,DHGroup=19,KeyLen=256
15/09/2021 00:00:36 - Ike: Remote_JSC ->Support for NAT-T version - 9
15/09/2021 00:00:36 - Ike: Turning on NATD mode - Remote_JSC - 1
15/09/2021 00:00:36 - Ike: ConRef=16, Remote peer is a Juniper Networks
15/09/2021 00:00:36 - Ike: ike_phase1:recv_id:ID_IPV4_ADDR:pid=0,port=0,10X.XXX.XXX.XXX
15/09/2021 00:00:36 - ERROR - 4028: IKE(phase1)- RECV-MSG2-AGGR-PSK with wrong preshared key Remote_JSC.
15/09/2021 00:00:36 - Ike: phase1:name(Remote_JSC) - ERROR - INVALID_HASH_INFORMATION
15/09/2021 00:00:36 - IPSec: Disconnected from Remote_JSC on channel 1.
15/09/2021 00:00:46 - Ike: phase1:name() - incoming connect request.
15/09/2021 00:00:46 - Ike: ConRef=17, RECV_MSG1_AGGRESSIVE, name=, vpngw=10X.XXX.XXX.XXX:500
15/09/2021 00:00:46 - Ike: phase1:name() - ERROR - NO_PROPOSAL_CHOSEN
15/09/2021 00:00:56 - Ike: phase1:name() - incoming connect request.
15/09/2021 00:00:56 - Ike: ConRef=18, RECV_MSG1_AGGRESSIVE, name=, vpngw=10X.XXX.XXX.XXX:500
15/09/2021 00:00:56 - Ike: phase1:name() - ERROR - NO_PROPOSAL_CHOSEN
How can the preshared key be wrong if it cannot be configured in the JSC profile? Any advice or ideas please?
Thank you in advance.
Best regards