Please SHARE BEST SOLUTION ion for "Configuring Site-to-site VPN between MX Appliances in Different Organizations". ... View more

NO_PROPOSAL_CHOSEN error — I’m not fully confident interpreting it and would like step-by-step guidance to get a secure IPSec tunnel working between our devices. My topology: Hub / starting point = MX85 → Spoke / ending point = MX64. Main Requirement :- IPsec Tunnel  Between  mx85  to  mx64    --very secure tunnel  with full  control   to send and receive  data between  two mx devices Could you please provide a clear, easy-to-follow configuration guide (with screenshots) that includes: Exact UI steps and screenshots for the pages/fields to set on both MX85 and MX64 (menu path + fields to fill). Recommended Phase 1 (IKE) parameters (exact values you want me to enter): IKE version (v1 / v2) Encryption algorithm(s) Hash / integrity algorithm(s) DH group Lifetime (seconds) Mode (Main / Aggressive) and NAT traversal settings Recommended Phase 2 (IPSec) parameters (exact values): Encryption / integrity algorithms PFS (on/off and DH group) Lifetime (seconds) Exact format/requirements for the pre-shared key (length/characters) and any best practices for generating it. Any Meraki-specific requirements (for MX→MX vs. Meraki→non-Meraki peers) that I should be aware of. NAT, firewall, or port-forwarding considerations that commonly cause NO_PROPOSAL_CHOSEN. A short verification checklist or UI checks I can run after configuring each side to confirm proposals match. Examples or annotated screenshots of the VPN log entries you want me to capture if the problem continues — please show the exact log lines to capture. If possible, a “copy-paste” example of Phase 1/Phase 2 proposals that will work for MX85↔MX64 to avoid negotiation mismatch. ... View more