Hi,
any suggestions what proposal settings are working for IKEv2 and android 13 to successfully establish a vpn connection (Cert based)?
I tried different settings and fount this thread community.zyxel.com - suggesting >“AES128-SHA256-DH2” in phase 1 and “AES128-SHA256” in phase 2<, but that did not work.
I always get “Phase 1 proposal mismatch” in the logs.
Using:
Android 13 (OnePlus 11 - Updates 02/2023)
USG20-VPN FW: 5.35(ABAQ.0)
thx for suggestions 
I was able to establish a connection using PSK and the following settings with the native vpn client on android 13:
Android:
IKEv2/ IPsec PSK
USG:
Auth: PSK / advance: ID DNS, Content: , Peer Type: Any
Phase 1: SA Lifetime 86400
Proposal: AES256-SHA512-DH16
No Extended Auth Protocol
Phase 2:
SA Lifetime 86400
Advanced: A Proto: ESP
Encapsulation: Tunnel
Proposal: AES256-SHA512-DH16
would be interested if someone is able to connect with additional auth …