Emergency Cisco to Checkpoint VPN down!!!!

I have a Cisco 3745 running IOS Ver. 12.3(10b) trying to VPN to Checkpoint NG with AI - R54. Here is the message I get when I do debug crypto engine, isakmp, and ipsec.

4d14h: IPSEC(key_engine): request timer fired: count = 1,

(identity) local= 65.116.172.190, remote= 193.128.124.244,

local_proxy= 10.0.0.0/255.255.252.0/0/0 (type=4),

remote_proxy= 10.64.120.0/255.255.252.0/0/0 (type=4)

4d14h: IPSEC(sa_request): ,

(key eng. msg.) OUTBOUND local= 65.116.172.190, remote= 193.128.124.244,

local_proxy= 10.0.0.0/255.255.252.0/0/0 (type=4),

remote_proxy= 10.64.120.0/255.255.252.0/0/0 (type=4),

protocol= ESP, transform= esp-3des esp-sha-hmac (Tunnel),

lifedur= 3600s and 4608000kb,

spi= 0x45F3B3FA(1173599226), conn_id= 0, keysize= 0, flags= 0x400A

4d14h: ISAKMP: received ke message (1/1)

4d14h: ISAKMP: set new node 0 to QM_IDLE

4d14h: ISAKMP (0:164): SA is still budding. Attached new ipsec request to it. (local 65.116.172.190, remote 193.128.124.244)

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE...

4d14h: ISAKMP (0:164): incrementing error counter on sa: retransmit phase 1

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE

4d14h: ISAKMP (0:164): sending packet to 193.128.124.244 my_port 500 peer_port 500 (I) MM_NO_STATE

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE...

4d14h: ISAKMP (0:164): incrementing error counter on sa: retransmit phase 1

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE

4d14h: ISAKMP (0:164): sending packet to 193.128.124.244 my_port 500 peer_port 500 (I) MM_NO_STATE

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE...

4d14h: ISAKMP (0:164): incrementing error counter on sa: retransmit phase 1

4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE

4d14h: ISAKMP (0:164): sending packet to 193.128.124.244 my_port 500 peer_port 500 (I) MM_NO_STATE

4d14h: IPSEC(key_engine): request timer fired: count = 2,

(identity) local= 65.116.172.190, remote= 193.128.124.244,

local_proxy= 10.0.0.0/255.255.252.0/0/0 (type=4),

remote_proxy= 10.64.120.0/255.255.252.0/0/0 (type=4)

4d14h: ISAKMP: received ke message (3/1)

4d14h: ISAKMP (0:164): peer does not do paranoid keepalives.

4d14h: ISAKMP (0:164): deleting SA reason "gen_ipsec_isakmp_delete but doi isakmp" state (I) MM_NO_STATE (peer 193.128.124.244) input queue 0

4d14h: ISAKMP (0:164): deleting SA reason "gen_ipsec_isakmp_delete but doi isakmp" state (I) MM_NO_STATE (peer 193.128.124.244) input queue 0

4d14h: ISAKMP (0:164): deleting node -1791072579 error TRUE reason "gen_ipsec_isakmp_delete but doi isakmp"

4d14h: ISAKMP (0:164): deleting node 1896130904 error TRUE reason "gen_ipsec_isakmp_delete but doi isakmp"

4d14h: ISAKMP (0:164): Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL

4d14h: ISAKMP (0:164): Old State = IKE_I_MM1 New State = IKE_DEST_SA

And then it starts the whole cycle over again.

1 Reply

umedryk
Level 5

You could verify your configuration with this document "Configuring an IPSec Tunnel Between a Cisco Router and a Checkpoint NG" ( http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800b4b40.shtml )
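
An added triage script, not part of the original thread: it rejoins the 80-column wraps in the pasted debug output and reports, per ISAKMP SA, whether any packet came back from the peer. The sample lines are taken from the question; the function names and the `received packet from` wording for a received packet are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the debug output in the question,
# including one entry that the terminal wrapped at 80 columns.
SAMPLE = """\
4d14h: ISAKMP (0:164): incrementing error counter on sa: retransmit phase 1
4d14h: ISAKMP (0:164): retransmitting phase 1 MM_NO_STATE
4d14h: ISAKMP (0:164): sending packet to 193.128.124.244 my_port 500 peer_port 5
00 (I) MM_NO_STATE
4d14h: ISAKMP (0:164): Old State = IKE_I_MM1 New State = IKE_DEST_SA
"""

SA_LINE = re.compile(r"ISAKMP \(\d+:(\d+)\): (.*)")
STATE = re.compile(r"\((?:I|R)\) \w+")  # role and state, e.g. "(I) MM_NO_STATE"

def unwrap(text, width=80):
    """Rejoin entries a terminal split at exactly `width` columns; skip blanks."""
    out, carry = [], ""
    for line in filter(str.strip, text.splitlines()):
        carry += line
        if len(line) != width:  # heuristic: a full-width line continues
            out.append(carry)
            carry = ""
    return out + ([carry] if carry else [])

def summarize(text):
    """Map each ISAKMP SA id to its event counts and last reported state."""
    sas = {}
    for line in unwrap(text):
        m = SA_LINE.search(line)
        if not m:
            continue
        sa = sas.setdefault(m.group(1), {"counts": Counter(), "state": None})
        msg = m.group(2)
        if msg.startswith("sending packet to"):
            sa["counts"]["sent"] += 1
            s = STATE.search(msg)
            sa["state"] = s.group(0) if s else sa["state"]
        elif msg.startswith("received packet from"):  # assumed IOS wording
            sa["counts"]["received"] += 1
        elif msg.startswith("incrementing error counter"):
            sa["counts"]["retransmit"] += 1
    return sas

def no_peer_reply(sa):
    """True if phase 1 packets were sent and retried but none was received."""
    c = sa["counts"]
    return c["sent"] > 0 and c["retransmit"] > 0 and c["received"] == 0
```

For SA 164 in the question this reports packets sent and retried in `(I) MM_NO_STATE` with none received, so the first thing to confirm is that the IKE packets on UDP port 500 reach the peer and are answered.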