Hi,

I am having issue while setting up one VPN tunnel. All the configuration are same but there is no encapsulation in phase 2.

Here is the debug log

.Jul 24 21:18:12.399: ISAKMP:(13331):DPD/R_U_THERE received from peer 172.16.10.15, sequence 0x13B00F
.Jul 24 21:18:12.399: ISAKMP: set new node 2126508420 to QM_IDLE
.Jul 24 21:18:12.399: ISAKMP:(13331):Sending NOTIFY DPD/R_U_THERE_ACK protocol 1
spi 579351316, message ID = 2126508420
.Jul 24 21:18:12.399: ISAKMP:(13331): seq. no 0x13B00F
.Jul 24 21:18:12.399: ISAKMP:(13331): sending packet to 172.16.10.15 my_port 500 peer_port 500 (R) QM_IDLE
.Jul 24 21:18:12.399: ISAKMP:(13331):Sending an IKE IPv4 Packet.
.Jul 24 21:18:12.399: ISAKMP:(13331):purging node 2126508420
.Jul 24 21:18:12.399: ISAKMP:(13331):Input = IKE_MESG_FROM_PEER, IKE_MESG_KEEP_ALIVE
.Jul 24 21:18:12.399: ISAKMP:(13331):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE

.Jul 24 21:18:12.399: ISAKMP (13331): received packet from 172.16.10.15 dport 500 sport 500 Global (R) QM_IDLE
.Jul 24 21:18:12.399: ISAKMP: set new node -1671428850 to QM_IDLE
.Jul 24 21:18:12.399: ISAKMP:(13331): processing HASH payload. message ID = 2623538446
.Jul 24 21:18:12.399: ISAKMP:(13331): processing SA payload. message ID = 2623538446
.Jul 24 21:18:12.399: ISAKMP:(13331):Checking IPSec proposal 1
.Jul 24 21:18:12.399: ISAKMP: transform 1, ESP_AES
.Jul 24 21:18:12.399: ISAKMP: attributes in transform:
.Jul 24 21:18:12.399: ISAKMP: SA life type in seconds
.Jul 24 21:18:12.399: ISAKMP: SA life duration (basic) of 28800
.Jul 24 21:18:12.399: ISAKMP: encaps is 1 (Tunnel)
.Jul 24 21:18:12.399: ISAKMP: key length is 128
.Jul 24 21:18:12.399: ISAKMP: authenticator is HMAC-SHA256
.Jul 24 21:18:12.399: ISAKMP: group is 5
.Jul 24 21:18:12.399: ISAKMP:(13331):atts are acceptable.
.Jul 24 21:18:12.399: ISAKMP:(13331): IPSec policy invalidated proposal with error 8
.Jul 24 21:18:12.399: ISAKMP:(13331): phase 2 SA policy not acceptable! (local 172.16.10.1 remote 172.16.10.15)

Raxit