Question : Problem creating a VPN tunnel between 2 Cisco PIX firewalls

I'm trying to configure a VPN tunnel through the internet between 2 Cisco PIX firewalls, but I'm getting errors from the debug modes of my routers. I'd appreciate any help you can provide for this issue.

Firewall 1's name is FB
Firewall 2's name is FP
The error message I get when I analyze the packets passing through is: "No proposal chosen"

My network set up is the following (too bad we can't upload screenshots in the question):

PIX Firewall - Cisco Router - Internet - Cisco Router - PIX Firewall

Here's the configuration of both firewalls
--------------------------------------------------------------------------------------------
PIX Version 7.0(1)
names
!
interface Ethernet0
 nameif inside
 security-level 100
 ip address 10.0.0.130 255.255.255.128
!
interface Ethernet1
 nameif outside
 security-level 1
 ip address 10.0.0.5 255.255.255.252
!
interface Ethernet2
 nameif dmz
 security-level 50
 ip address 10.0.0.9 255.255.255.240
!
enable password iSoc161g.C0864Pz encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname FB
domain-name Bulle
access-list 102 extended permit icmp any any
access-list 103 extended permit icmp any any
access-list 110 extended permit icmp 10.0.0.0 255.255.255.0 10.1.0.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
mtu dmz 1500
monitor-interface inside
monitor-interface outside
monitor-interface dmz
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 10.0.0.64 255.255.255.192
nat (inside) 1 10.0.0.128 255.255.255.128
access-group 101 in interface inside
access-group 102 in interface outside
access-group 103 in interface dmz
route inside 10.0.0.0 255.255.255.252 10.0.0.129 1
route inside 10.0.0.64 255.255.255.192 10.0.0.129 1
route outside 0.0.0.0 0.0.0.0 10.0.0.6 1
timeout xlate 3:00:00
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp
crypto ipsec transform-set strong esp-des esp-sha-hmac
crypto map toPekin 20 match address 110
crypto map toPekin 20 set peer 30.0.0.2
crypto map toPekin 20 set transform-set strong
crypto map toPekin interface outside
isakmp enable outside
isakmp policy 9 authentication pre-share
isakmp policy 9 encryption des
isakmp policy 9 hash sha
isakmp policy 9 group 2
isakmp policy 9 lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
tunnel-group 30.0.0.2 type ipsec-l2l
tunnel-group 30.0.0.2 ipsec-attributes
 pre-shared-key *
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
!
service-policy global_policy global
Cryptochecksum:f9dad96ac702684dbf487f0bf56b3db0


****************************************************************************************************



PIX Version 7.0(1)
names
!
interface Ethernet0
 nameif inside
 security-level 100
 ip address 10.1.0.130 255.255.255.128
!
interface Ethernet1
 nameif outside
 security-level 1
 ip address 10.1.0.5 255.255.255.252
!
interface Ethernet2
 nameif dmz
 security-level 50
 ip address 10.1.0.9 255.255.255.240
!
enable password iSoc161g.C0864Pz encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname FP
domain-name Pekin
access-list 102 extended permit icmp any any
access-list 103 extended permit icmp any any
access-list 120 extended permit icmp 10.1.0.0 255.255.255.0 10.0.0.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
mtu dmz 1500
monitor-interface inside
monitor-interface outside
monitor-interface dmz
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 10.1.0.64 255.255.255.192
nat (inside) 1 10.1.0.128 255.255.255.128
access-group 101 in interface inside
access-group 102 in interface outside
access-group 103 in interface dmz
route inside 10.1.0.64 255.255.255.192 10.1.0.129 1
route inside 10.1.0.0 255.255.255.252 10.1.0.129 1
route outside 0.0.0.0 0.0.0.0 10.1.0.6 1
timeout xlate 3:00:00
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp
crypto ipsec transform-set strong esp-des esp-sha-hmac
crypto map toBulle 10 match address 120
crypto map toBulle 10 set peer 20.0.0.1
crypto map toBulle 10 set transform-set strong
crypto map toBulle interface outside
isakmp enable outside
isakmp policy 8 authentication pre-share
isakmp policy 8 encryption des
isakmp policy 8 hash sha
isakmp policy 8 group 2
isakmp policy 8 lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
tunnel-group 20.0.0.1 type ipsec-l2l
tunnel-group 20.0.0.1 ipsec-attributes
 pre-shared-key *
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
!
service-policy global_policy global
Cryptochecksum:d3eed4e75b7749e676452b725565bb46



Answer : Problem creating a VPN tunnel between 2 Cisco PIX firewalls

Check out our own Pete Long's web pages on this topic
http://www.petenetlive.com/Tech/Firewalls/Cisco/s2svpn.htm

>access-group 101 in interface inside
Do NOT apply an acl to the inside interface unless you want to restrict specific traffic. I don't even see an acl 101 defined in your config.

I also do not see any nat zero acl or acl to define the VPN tunnel traffic. Use the VPN wizard and go through the steps in Pete's instructions.

BTW, 7.0(1) is pretty buggy. I highly suggest updating to 7.0(6) or better
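As an added example (not part of the question or the answer above), a small Python checker that reads the VPN-relevant lines of the two posted configs and reports the things the answer points at: an access-group naming an ACL that is never defined, crypto ACLs with no nat 0 exemption, and phase 1 / phase 2 parameters or crypto ACL entries that do not mirror between the two peers. The FB and FP strings are excerpts of the configs in the question; the function names and the wording of the findings are mine.

```python
# Excerpts of the two configs posted in the question, cut down to the lines these checks read.
FB = """access-list 110 extended permit icmp 10.0.0.0 255.255.255.0 10.1.0.0 255.255.255.0
access-group 101 in interface inside
crypto ipsec transform-set strong esp-des esp-sha-hmac
crypto map toPekin 20 match address 110
isakmp policy 9 encryption des
isakmp policy 9 hash sha
isakmp policy 9 group 2"""
FP = """access-list 120 extended permit icmp 10.1.0.0 255.255.255.0 10.0.0.0 255.255.255.0
access-group 101 in interface inside
crypto ipsec transform-set strong esp-des esp-sha-hmac
crypto map toBulle 10 match address 120
isakmp policy 8 encryption des
isakmp policy 8 hash sha
isakmp policy 8 group 2"""

def parse(cfg):
    """Collect the statements that decide whether two PIX peers can agree on a tunnel."""
    d = {"acl": {}, "ag": [], "nat0": [], "xform": set(), "cacl": [], "ike": {}}
    for t in filter(None, (ln.split() for ln in cfg.splitlines())):
        if t[0] == "access-list":                        # keep "permit <proto> src mask dst mask"
            d["acl"].setdefault(t[1], []).append(" ".join(t[3:]))
        elif t[0] == "access-group":
            d["ag"].append(t[1])
        elif t[:3] == ["nat", "(inside)", "0"]:          # nat (inside) 0 access-list <acl>
            d["nat0"].append(t[4])
        elif t[:3] == ["crypto", "ipsec", "transform-set"]:
            d["xform"].add(" ".join(t[4:]))
        elif t[:2] == ["crypto", "map"] and t[4:6] == ["match", "address"]:
            d["cacl"].append(t[6])
        elif t[:2] == ["isakmp", "policy"]:              # policy id -> {attribute: value}
            d["ike"].setdefault(t[2], {})[t[3]] = t[4]
    return d

def check(name_a, cfg_a, name_b, cfg_b):
    """Findings that usually end in 'No proposal chosen' or in no tunnel at all."""
    a, b, out = parse(cfg_a), parse(cfg_b), []
    for n, d in ((name_a, a), (name_b, b)):              # per-box sanity checks
        out += [f"{n}: access-group references undefined ACL {x}" for x in d["ag"] if x not in d["acl"]]
        out += [f"{n}: crypto ACL {x} has no nat 0 exemption" for x in d["cacl"] if x not in d["nat0"]]
    if not a["xform"] & b["xform"]:                       # phase 2 proposal
        out.append("phase 2: no common transform-set")
    if not any(p == q for p in a["ike"].values() for q in b["ike"].values()):
        out.append("phase 1: no matching isakmp policy (encryption/hash/group)")
    b_aces = [e for x in b["cacl"] for e in b["acl"].get(x, [])]
    for ace in (e for x in a["cacl"] for e in a["acl"].get(x, [])):
        p = ace.split()                                   # mirror: swap src/mask with dst/mask
        if " ".join(p[:2] + p[4:6] + p[2:4]) not in b_aces:
            out.append(f"crypto ACL entry not mirrored on {name_b}: {ace}")
    return out
```

On the posted configs the checker is silent about phase 1, phase 2 and the ACL mirror (they do agree) and reports only the undefined ACL 101 and the missing nat 0 exemption on each box.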