Core issue
The output of the show crypto isa sa command shows the MM_KEY_EXCH status.
Resolution
Make sure the preshared key is correctly configured. To reset the preshared key, issue this command:
isakmp key ******** address 172.16.172.34 255.255.255.255 no-xauth no-config-mode
Note: The pre-shared key is designated by asterisks (***).
If the keys do not match, issue this command to remove the line:
no isakmp key ******** address 172.16.172.34 255.255.255.255 no-xauth no-config-mode
Re-issue the command with the correct pre-shared key.
The IP address mentioned for preshared key is the appropriate address of the opposite end.
For further troubleshooting, capture VPN debugs from both ends, and look for a more specific error message.
For an explanation of common debug error messages used in troubleshooting IPSec issues, refer to IP Security Troubleshooting - Understanding and Using debug Commands.