does any one has any experience in setting up a case like this, we are suppose to establish VPN Tunnel, also natting before the Tunnel and both sides will be initiating the Tunnel. Any help would be great, but i have set it up but having problem when the other side initiate the VPN Tunnel. In debug I see this message
IPSEC(validate_transform_proposal): proxy identities not supported
ISAKMP: IPSec policy invalidated proposal
ISAKMP (0): SA not acceptable!
return status is IKMP_ERR_NO_RETRANS
crypto_isakmp_process_block:src:y.y.y.y, dest:x.x.x.x spt:500 dpt:500
ISAKMP: reserved not zero on payload 8!
ISAKMP: malformed payload
if we initiate the connection it work well and i can access the other party LAN server behind checkpoint