USG and TOPSEC firewall interconnect IPSEC VPN unsuccessful

Publication Date:  2012-09-10 Views:  349 Downloads:  0
Issue Description
Our company firewall establishes IPSEC with TOPSEC firewall. After configuring display ike sa, first stage cannot been established
USG2130 reference the parameter configuration of TOPSEC, as follows:
acl number 3004
rule 0 permit ip source 1.1.1.1 0 destination 2.2.2.2 0
#
ike proposal 4
encryption-algorithm 3des-cbc
authentication-algorithm md5
#
ike peer a
pre-shared-key 123456
ike-proposal 4
undo version 2
remote-address X.X.X.X
#
ipsec proposal 4
esp encryption-algorithm 3des
#
ipsec policy yujiacl 4 isakmp
security acl 3004
ike-peer a
proposal 4
sa duration traffic-based 86400

TOPSEC first stage configuration:
Alarm Information
None
Handling Process
First.  Check configuration, the negotiation parameters configuration of each stage are consistent.
Second.  Check the first stage consultation, only TOPSEC configuration the peer identities and local identity. When USG2130 use main mode ,it doesn’t consultation identity. Throw off TOPSEC firewall identity ,tunnel normal established.
Root Cause
TOPSEC firewall configuration the peer identities and local identity. But our device is not configured. The first stage consultation, USG2130 use IP address as an identifier, but TOPSEC configured for other identification, negotiation fails. 
Suggestions
None

END