PrepAway - Latest Free Exam Questions & Answers

What two things can cause this to occur?

You have created a route-based VPN. When you try to connect to the remote device you see the following message in your event log:
No policy exists for the proxy id received
What two (2) things can cause this to occur?

A. A proxy id conflict

B. An unbound tunnel interface

C. The remote device is a policy-based VPN

D. The tunnel interface is configured in a different zone than the physical interface

Explanation:
In the NetScreen event log, the “No Policy Exists for the proxy id” error message appears during IKE Phase 2 negotiations and indicates a problem with the address or service book entries that are used in the P2 Proxy ID.
The Proxy ID (local network, remote network, service port, etc.) must be a mirror image between the local and remote IKE VPN endpoints. By default, the CLI command “set ike policy-checking” is enabled, which means that the address and service book entries passed in the Proxy ID MUST match. Disabling it with “unset ike policy-checking” allows the Proxy ID to be completed WITHOUT being checked against the Proxy ID (local network, remote network, service port, etc.) used in the VPN policy. Note: It is recommended that the “policy-checking” feature be left enabled, as it provides another level of security.
Note: With policy-checking disabled (unset ike policy-checking), ONLY one policy can be configured for this IKE gateway. The following warning message will be displayed:
“If more than one policy is desired per Gateway, policy checking must first be enabled by executing the “set ike policy checking” command.”
If multiple policies per IKE gateway are required, the “policy-checking” CLI command should NOT be disabled.
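The mirror-image requirement described in the explanation can be checked offline by comparing the proxy-id line from each endpoint. This is an added example, not part of the original page or any vendor tool; the VPN names, addresses and sample `set vpn ... proxy-id` lines are constructed, and the helper names are hypothetical.

```python
import ipaddress
import re

# Matches a ScreenOS-style proxy-id line. Sample lines below are constructed.
PROXY_ID_RE = re.compile(
    r'set vpn "?(?P<vpn>[^"\s]+)"? proxy-id local-ip (?P<local>\S+) '
    r'remote-ip (?P<remote>\S+) "?(?P<service>[^"]+)"?$'
)

def parse_proxy_id(line):
    """Extract local network, remote network and service from one config line."""
    m = PROXY_ID_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a proxy-id line: {line!r}")
    return {
        "local": ipaddress.ip_network(m["local"]),
        "remote": ipaddress.ip_network(m["remote"]),
        "service": m["service"].strip().upper(),
    }

def mirror_mismatches(line_a, line_b):
    """List every field where endpoint B is not the mirror image of endpoint A."""
    a, b = parse_proxy_id(line_a), parse_proxy_id(line_b)
    problems = []
    if a["local"] != b["remote"]:
        problems.append(f"A local {a['local']} != B remote {b['remote']}")
    if a["remote"] != b["local"]:
        problems.append(f"A remote {a['remote']} != B local {b['local']}")
    if a["service"] != b["service"]:
        problems.append(f"service {a['service']} != {b['service']}")
    return problems

# Constructed sample configuration lines (hypothetical names and addresses).
SITE_A = 'set vpn "to-branch" proxy-id local-ip 10.1.1.0/24 remote-ip 10.2.2.0/24 "ANY"'
SITE_B_OK = 'set vpn "to-hq" proxy-id local-ip 10.2.2.0/24 remote-ip 10.1.1.0/24 "ANY"'
SITE_B_BAD = 'set vpn "to-hq" proxy-id local-ip 10.2.0.0/16 remote-ip 10.1.1.0/24 "HTTP"'

if __name__ == "__main__":
    for label, peer in (("matching peer", SITE_B_OK), ("mismatched peer", SITE_B_BAD)):
        issues = mirror_mismatches(SITE_A, peer)
        print(label, "->", issues or "proxy IDs mirror each other")
```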