01-27-2010 04:15 AM
Experts,
I am trying to establish a site-to-site VPN between our PIX 501 6.3(5) and a customer's PIX 515 (8.x). They have provided the following:
| Parameter | Value |
| --- | --- |
| DH Group | 5 |
| Authentication | ESP/SHA/HMAC-128 |
| Encryption | 3DES |
| IKE-Proposal | IKE-3DES-SHA |
| Digital Certificate | None (Preshare key used) |
| IPSec NAT-T | Enabled |
| Bandwidth Policy | None |
So I have created the following config on my 501:
access-list outside_cryptomap_290 permit ip host a.a.a.a host x.x.x.x
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 290 ipsec-isakmp
crypto map outside_map 290 match address outside_cryptomap_290
crypto map outside_map 290 set peer P.Q.R.S
crypto map outside_map 290 set transform-set ESP-3DES-SHA
isakmp key ******** address P.Q.R.S netmask 255.255.255.255 no-xauth no-config-mode
isakmp policy 210 authentication pre-share
isakmp policy 210 encryption 3des
isakmp policy 210 hash sha
isakmp policy 210 group 5
isakmp policy 210 lifetime 86400
With this configuration, we are getting "illegal UDP Length" when using "debug crypto isakmp".
Below is the debug output:
ISAKMP msg received
crypto_isakmp_process_block:src:P.Q.R.S, dest:A.B.C.D spt:500 dpt:500
gen_cookie:
fill_sa_key:isadb_search returned sa = 0xfc8a84
ipsec_db_get_ipsec_sa_list:
ipsec_db_add_ipsec_sa_list:
ipsec_db_get_ipsec_sa_list:
compute_quick_mode_iv:
isakmp_ce_decrypt_payload:
pix_des_decrypt: data 0x82c148, len 104
des_encdec:
validate_payload: len 132
valid_payload:
valid_payload:
ISAKMP_INFO exchange
process_isakmp_info:
verify_qm_hash:
ipsec_db_get_ipsec_sa_list:
process_isakmp_packet:
process_notify:
ISAKMP (0): processing NOTIFY payload 14 protocol 0
spi 0, message ID = 2754729373
ipsec_db_delete_ipsec_sa_list:
ipsec_db_delete_sa_list_entry:
return status is IKMP_NO_ERR_NO_TRANS
ipsec_db_delete_ipsec_sa_list:
PEER_REAPER_TIMER
ISAKMP (0): retransmitting phase 2 (0/0)... mess_id 0x2763fd48
send_response:
isakmp_send: ip P.Q.R.S, port 500
ISAKMP msg received
crypto_isakmp_process_block:src:P.Q.R.S, dest:A.B.C.D spt:500 dpt:500
ISAKMP: illegal udp len
Any help will be greatly appreciated.
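As an added check that is not part of this thread: the post above lists the customer's agreed IKE/IPsec parameters and the local PIX config separately, and the eventual fix turned out to be a Phase 1 encryption mismatch on the peer. The script below (my own code, not Cisco's, with the config lines copied from the post as a constructed sample) parses the PIX 6.3 `isakmp policy` and `transform-set` lines and reports which attributes disagree with the supplied parameter sheet, so a mismatch is caught before reading ISAKMP debug output.

```python
import re

# Parameter sheet the peer supplied (values copied from the post above).
PEER_PROPOSAL = {
    "authentication": "pre-share",
    "encryption": "3des",
    "hash": "sha",
    "group": "5",
    "transform_set": ("esp-3des", "esp-sha-hmac"),
}

# Constructed sample: the relevant lines of the PIX 501 config from the post.
PIX_CONFIG = """
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 290 ipsec-isakmp
crypto map outside_map 290 match address outside_cryptomap_290
crypto map outside_map 290 set peer P.Q.R.S
crypto map outside_map 290 set transform-set ESP-3DES-SHA
isakmp policy 210 authentication pre-share
isakmp policy 210 encryption 3des
isakmp policy 210 hash sha
isakmp policy 210 group 5
isakmp policy 210 lifetime 86400
"""

POLICY_RE = re.compile(r"isakmp policy (\d+) (authentication|encryption|hash|group|lifetime) (\S+)")
TSET_RE = re.compile(r"crypto ipsec transform-set (\S+) (.+)")
MAP_TSET_RE = re.compile(r"crypto map (\S+) (\d+) set transform-set (\S+)")

def parse_pix_config(text):
    """Return (isakmp policies by number, transform-sets by name, map entry -> set name)."""
    policies, tsets, map_tsets = {}, {}, {}
    for line in text.splitlines():
        line = line.strip()
        if m := POLICY_RE.match(line):
            policies.setdefault(m.group(1), {})[m.group(2)] = m.group(3)
        elif m := TSET_RE.match(line):
            tsets[m.group(1)] = tuple(m.group(2).split())
        elif m := MAP_TSET_RE.match(line):
            map_tsets[(m.group(1), m.group(2))] = m.group(3)
    return policies, tsets, map_tsets

def check_against_proposal(text, proposal, map_name, seq):
    """List Phase 1 / Phase 2 settings that do not match the peer's proposal (empty = OK)."""
    policies, tsets, map_tsets = parse_pix_config(text)
    mismatches = []
    # Phase 1: at least one isakmp policy must match every proposed attribute.
    wanted = {k: v for k, v in proposal.items() if k != "transform_set"}
    if not any(all(p.get(k) == v for k, v in wanted.items()) for p in policies.values()):
        mismatches.append("no isakmp policy matches %s" % wanted)
    # Phase 2: the transform-set bound to the crypto map entry must match the proposal.
    name = map_tsets.get((map_name, seq))
    if tsets.get(name) != proposal["transform_set"]:
        mismatches.append("transform-set %r is %s, expected %s" % (name, tsets.get(name), proposal["transform_set"]))
    return mismatches
```

Running `check_against_proposal(PIX_CONFIG, PEER_PROPOSAL, "outside_map", "290")` returns an empty list for the config in the post; changing the proposal's encryption to another cipher reproduces the kind of Phase 1 mismatch described in the reply.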
01-27-2010 08:20 AM
Has this PIX had any VPN configured on it before that was already working, or is this the first VPN configured on it? Can you post the whole VPN config so we can see where the "isakmp enable outside" and the "crypto map XXXX interface outside" are?
01-27-2010 09:38 PM
Good morning Ivan,
First of all, thanks for responding to my question. Yes, I have a couple of VPNs that are working fine. In fact, I got an e-mail back from the customer saying that they had to change the IKE encryption on their PIX; after that the VPN came back up, so we are good now.
Again, thanks a ton for your willingness to help.
Rds,
Som