@Justmehere 

Hi, I've tried to reproduce your scenario and I think that it could be your misconfiguration, you should tightly follow that configuration guide on the official website. Here is my configuration and I successfully set up the VPN tunnel, you can check it as reference. Just set the IP pool as 10.1.1.1/24 and try again~

  @Justmehere 

Hi, this is just easy to deal with. You are receiving this notice because the IKE encryption protocol you set for both ends are different, here you can see in the picture below, when setting IPsec VPN on the router, you will have to set encryption proposals for phase1 and phase2, here in phase 1, there are 4 proposals, to use the VPN properly, on the other end, the encryption method must match one of the proposals. But it seems that you cannnot change the proposal yourself on the Android phone, so you can search on the Internet for the proposal of your phone, I think it should be the same within the same brand of phone. Only when the encryption method are the same on both ends, the tunnel can be established, it's like you locked the door on the router, and you wanna unlock it on the phone, so you must use exactly the same key on both sides ottherwise you won't be able to unlock the same door.

  @Justmehere 

Well I think you didn't get what I mean, when setting up IPsec VPN, the IKE encryption process contains two phases, phase1 and phase2, different encryption informations are confirmed in the different phases, and there are different encryption methods used in different phases. What you need to do is match the phase1 and phase2 proposals on both ends, which means you need to make sure the phase1 proposal on both ends are the same, not to make phase1 and phase2 encryption proposal on the same end to be the same.

It says the phase1 encrypition methods are different on two ends so you need to check what phase1 encryption proposal is there on your Android phone and set the same one on your router. Also the same for phase2.

  @Justmehere 

Well you still didn't get what I mean, the proposals for phase1 and phase2 are different. What I mean is, on your router and your phone both exist the encryption process and the encryption process is consisted of two phases, which are phase1 and phase2, you must ensure the phase1 settings on your router and the phase1 settings on your phone are the same, otherwise the tunnel cannot be established, that's why I told you to check for your phone's default phase1 settings and input a matched proposal on router.