Hi,

Im trying to establish an ipsec vpn connection from cisco 1720 to a checkpoint firewall.Im not able to establish the conn.From the debug message i understand that the quickmode is failing.Im pasting my debug output.Can anyone help me regardign this.

1w4d: ISAKMP: received ke message (1/1)

1w4d: ISAKMP: local port 500, remote port 500

1w4d: ISAKMP (0:1): beginning Main Mode exchange

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) MM_NO_STATE.....

Success rate is 0 percent (0/5)

Lainc-0014#

1w4d: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1

1w4d: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) MM_NO_STATE

1w4d: ISAKMP (0:1): received packet from 81.144.129.210 (I) MM_NO_STATE

1w4d: ISAKMP (0:1): processing SA payload. message ID = 0

1w4d: ISAKMP (0:1): found peer pre-shared key matching 81.144.129.210

1w4d: ISAKMP (0:1): Checking ISAKMP transform 1 against priority 5 policy

1w4d: ISAKMP: encryption DES-CBC

1w4d: ISAKMP: hash MD5

1w4d: ISAKMP: default group 2

1w4d: ISAKMP: auth pre-share

1w4d: ISAKMP (0:1): atts are acceptable. Next payload is 0

1w4d: ISAKMP (0:1): SA is doing pre-shared key authentication using id type ID_F

QDN

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) MM_SA_SETUP

1w4d: ISAKMP (0:1): received packet from 81.144.129.210 (I) MM_SA_SETUP

1w4d: ISAKMP (0:1): processing KE payload. message ID = 0

1w4d: ISAKMP (0:1): processing NONCE payload. message ID = 0

1w4d: ISAKMP (0:1): found peer pre-shared key matching 81.144.129.210

1w4d: ISAKMP (0:1): SKEYID state generated

1w4d: ISAKMP (1): ID payload

next-payload : 8

type : 2

protocol : 17

port : 500

length : 15

1w4d: ISAKMP (1): Total payload length: 19

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) MM_KEY_EXCH

1w4d: ISAKMP (0:1): received packet from 81.144.129.210 (I) MM_KEY_EXCH

1w4d: ISAKMP (0:1): processing ID payload. message ID = 0

1w4d: ISAKMP (0:1): processing HASH payload. message ID = 0

1w4d: ISAKMP (0:1): SA has been authenticated with 81.144.129.210

1w4d: ISAKMP (0:1): beginning Quick Mode exchange, M-ID of 1081694018

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP (0:1): received packet from 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP (0:1): phase 1 packet is a duplicate of a previous packet.

1w4d: ISAKMP (0:1): retransmitting due to retransmit phase 1

1w4d: ISAKMP (0:1): retransmitting phase 1 QM_IDLE ...

1w4d: ISAKMP (0:1): received packet from 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP (0:1): phase 1 packet is a duplicate of a previous packet.

1w4d: ISAKMP (0:1): retransmitting due to retransmit phase 1

1w4d: ISAKMP (0:1): retransmitting phase 1 QM_IDLE ...

1w4d: ISAKMP (0:1): retransmitting phase 1 QM_IDLE ...

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 1

1w4d: ISAKMP (0:1): no outgoing phase 1 packet to retransmit. QM_IDLE

1w4d: ISAKMP (0:1): retransmitting phase 2 QM_IDLE 1081694018 ...

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 2

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 2

1w4d: ISAKMP (0:1): retransmitting phase 2 1081694018 QM_IDLE

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP: received ke message (1/1)

1w4d: ISAKMP (0:1): sitting IDLE. Starting QM immediately (QM_IDLE )

1w4d: ISAKMP (0:1): beginning Quick Mode exchange, M-ID of 1198044146

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP (0:0): received packet from 81.144.129.210 (N) NEW SA

1w4d: %CRYPTO-4-IKMP_NO_SA: IKE message from 81.144.129.210 has no SA and is no

t an initialization offer

1w4d: ISAKMP (0:1): retransmitting phase 2 QM_IDLE 1081694018 ...

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 2

1w4d: ISAKMP (0:1): incrementing error counter on sa: retransmit phase 2

1w4d: ISAKMP (0:1): retransmitting phase 2 1081694018 QM_IDLE

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) QM_IDLE

1w4d: ISAKMP (0:1): retransmitting phase 2 QM_IDLE 1198044146 ...

1w4d: ISAKMP (0:1): deleting SA reason "death by retransmission P2" state (I) QM

_IDLE (peer 81.144.129.210) input queue 0

1w4d: ISAKMP (0:1): sending packet to 81.144.129.210 (I) MM_NO_STATE

1w4d: ISAKMP (0:1): purging node 2003855092

1w4d: ISAKMP (0:1): deleting node 1081694018 error TRUE reason "death by retrans

mission P2"

1w4d: ISAKMP (0:1): deleting node 1198044146 error TRUE reason "death by retrans

mission P2"

1w4d: ISAKMP: received ke message (3/1)

1w4d: ISAKMP: ignoring request to send delete notify (no ISAKMP sa) src 195.229.

115.65 dst 81.144.129.210 for SPI 0x0