Are you getting a public IP address from ISP? => Yes

Is it accesseble from the internet? => Yes

And can you show a logging information of connection from your VPN client?

=> Yes

From Client:

The negotiation with the VPN server failed. Verify the server address and try reconnecting.

Thank you

Ok. Try change line

crypto map EXT_MAP 10 ipsec-isakmp dynamic EXT_DYNAMIC_MAP

to

crypto map EXT_MAP 10 ipsec-isakmp dynamic dynmap

You configured dynamic map for clients but didn't "connected" it to the interface in right way.

Best Regards.

No luck!

Router#sh running-config
Building configuration...

Current configuration : 6448 bytes
!
! Last configuration change at 23:21:58 JST Fri Jun 17 2016 by test
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router
!
boot-start-marker
boot-end-marker
!
logging buffered 409600 debugging
enable secret 5 $1$o/m4$e3RZehFjggafTjpPWMeYP/
!
aaa new-model
!
!
aaa authentication login VPN_CLIENT_LOGIN local
aaa authorization network VPN_CLIENT_GROUP local
!
aaa session-id common
!
resource policy
!
memory-size iomem 5
clock timezone JST 9
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.254
!
ip dhcp pool dHCP
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.254
   dns-server 221.113.139.137 4.2.2.2 8.8.8.8
!
!
ip tcp synwait-time 10
vpdn enable
!
!
!
!
!
no spanning-tree vlan 10
username test privilege 15 password 7 15060E1F10
username cisco password 7 14141B180F0B
!
!
class-map match-any ads
 match access-group name ads
 match protocol http host "*outbrain*"
 match protocol http host "*paid.outbrain.com*"
 match protocol http host "*dwell*"
 match protocol http host "*learni.st*"
 match protocol http host "*googleads*"
 match protocol http host "*doubleclick*"
 match protocol http host "*taboola*"
!
!
policy-map ads
 class ads
   drop
!
!
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
 lifetime 3600
!
crypto isakmp client configuration group admin
 key admin
 domain test.com
 pool vpnpool
 acl 101
!
crypto isakmp client configuration group VPN_CLIENTS
 key ClientVpnKey
 dns 8.8.8.8
 domain test.local
 pool VPN_CLIENT_POOL
 acl 110
crypto isakmp profile isakmp-profile
   match identity group admin
   client authentication list auth
   isakmp authorization list auth
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set tset esp-3des esp-sha-hmac
 mode transport
crypto ipsec transform-set TRANS_3DES_SHA esp-3des esp-sha-hmac
!
crypto ipsec profile ipsec-profile
 set transform-set tset
 set isakmp-profile isakmp-profile
!
!
crypto dynamic-map EXT_DYNAMIC_MAP 10
 set transform-set TRANS_3DES_SHA
!
crypto dynamic-map dynmap 10
 set security-association lifetime seconds 86400
 set transform-set myset
 set isakmp-profile remoteclients
 reverse-route
!
!
crypto map EXT_MAP 10 ipsec-isakmp dynamic dynmap
!
!
!
bba-group pppoe global
!
!
interface FastEthernet0
 no ip address
 ip mtu 1450
 ip virtual-reassembly max-reassemblies 1024
 ip tcp adjust-mss 1420
 no ip mroute-cache
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet2
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet3
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet4
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet5
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet6
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet7
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet8
 switchport access vlan 10
 spanning-tree portfast
!
interface FastEthernet9
 switchport access vlan 10
 spanning-tree portfast
!
interface Virtual-Dot11Radio2
 no ip address
 no cdp enable
!
interface Virtual-PPP2
 no ip address
 no cdp enable
!
interface Virtual-Template1 type tunnel
 ip unnumbered Vlan10
 tunnel source Vlan10
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile ipsec-profile
!
interface Vlan1
 no ip address
!
interface Vlan10
 ip address 192.168.1.254 255.255.255.0
 ip mtu 1450
 ip nat inside
 ip virtual-reassembly max-reassemblies 1024
 ip tcp adjust-mss 1420
 arp timeout 300
!
interface Dialer1
 ip address negotiated
 ip mtu 1450
 ip nat outside
 ip virtual-reassembly max-reassemblies 1024
 encapsulation ppp
 ip tcp adjust-mss 1420
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname a68ffi6n@one.ocn.ne.jp
 ppp chap password 7 06030
 ppp pap sent-username a68ffi6n password 7 02030
 ppp ipcp dns request accept
 ppp ipcp route default
 crypto map EXT_MAP
 service-policy input ads
!
interface Virtual-TokenRing2
 no ip address
 ring-speed 16
!
ip local pool vpnpool 192.168.50.1 192.168.50.10
ip local pool VPN_CLIENT_POOL 192.168.20.200 192.168.20.210
!
!
no ip http server
no ip http secure-server
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
ip nat inside source route-map nat interface Dialer1 overload
!
access-list 100 remark ****** NAT ACL ******
access-list 100 deny   ip 192.168.0.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
access-list 100 deny   ip 192.168.1.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 remark ****** NAT ACL ******
access-list 100 remark ****** NAT ACL ******
access-list 100 deny   ip 192.168.2.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 101 permit ip any any
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 108 permit ip 192.168.0.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 108 permit ip 192.168.1.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 108 remark ****** Split Tunnel Encrypted Traffic ******
access-list 110 permit ip 192.168.2.0 0.0.0.255 192.168.20.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
route-map nat permit 10
 match ip address 100
!
!
!
!
control-plane
!
alias exec siib show ip int brie | ex down
alias exec ct config term
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 privilege level 15
 password 7 115A4B52414A
 logging synchronous
 autocommand-options nohangup
!
ntp clock-period 17180343
ntp server 195.167.30.249
ntp server 131.107.13.100 key 1
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end

Router#
007753: Jun 17 23:30:52.758 JST: ISAKMP (0:0): received packet from 126.237.116.229 dport 500 sport 500 Global (N) NEW SA
007754: Jun 17 23:30:52.758 JST: ISAKMP: Created a peer struct for 126.237.116.229, peer port 500
007755: Jun 17 23:30:52.758 JST: ISAKMP: New peer created peer = 0x84D4E434 peer_handle = 0x80000066
007756: Jun 17 23:30:52.758 JST: ISAKMP: Locking peer struct 0x84D4E434, refcount 1 for crypto_isakmp_process_block
007757: Jun 17 23:30:52.758 JST: ISAKMP: local port 500, remote port 500
007758: Jun 17 23:30:52.758 JST: insert sa successfully sa = 849D6A08
007759: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing SA payload. message ID = 0
007760: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing ID payload. message ID = 0
007761: Jun 17 23:30:52.758 JST: ISAKMP (0:0): ID payload
        next-payload : 13
        type         : 11
        group id     : VPN_CLIENTS
        protocol     : 0
        port         : 0
        length       : 19
007762: Jun 17 23:30:52.758 JST: ISAKMP:(0):: peer matches *none* of the profiles
007763: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007764: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch
007765: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007766: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
007767: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007768: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 198 mismatch
007769: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007770: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 29 mismatch
007771: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007772: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
007773: Jun 17 23:30:52.758 JST: ISAKMP (0:0): vendor ID is NAT-T v7
007774: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007775: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 114 mismatch
007776: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007777: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 227 mismatch
007778: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007779: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 250 mismatch
007780: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007781: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
007782: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID is NAT-T v3
007783: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007784: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 164 mismatch
007785: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007786: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
007787: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID is NAT-T v2
007788: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007789: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 242 mismatch
007790: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID is XAUTH
007791: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007792: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID is Unity
007793: Jun 17 23:30:52.758 JST: ISAKMP:(0): processing vendor id payload
007794: Jun 17 23:30:52.758 JST: ISAKMP:(0): vendor ID is DPD
007795: Jun 17 23:30:52.758 JST: ISAKMP : Scanning profiles for xauth ... isakmp-profile
007796: Jun 17 23:30:52.758 JST: ISAKMP:(0): Authentication by xauth preshared
007797: Jun 17 23:30:52.758 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 10 policy
007798: Jun 17 23:30:52.758 JST: ISAKMP:      life type in seconds
007799: Jun 17 23:30:52.758 JST: ISAKMP:      life duration (basic) of 3600
007800: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007801: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007802: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007803: Jun 17 23:30:52.762 JST: ISAKMP:      hash... What? 4?
007804: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007805: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007806: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007807: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 10 policy
007808: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007809: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007810: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007811: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007812: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007813: Jun 17 23:30:52.762 JST: ISAKMP:      hash SHA
007814: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007815: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007816: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007817: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 10 policy
007818: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007819: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007820: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007821: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007822: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007823: Jun 17 23:30:52.762 JST: ISAKMP:      hash MD5
007824: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007825: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007826: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007827: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 10 policy
007828: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007829: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007830: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007831: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007832: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007833: Jun 17 23:30:52.762 JST: ISAKMP:      hash... What? 6?
007834: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007835: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007836: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0
007837: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 65535 policy
007838: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007839: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007840: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007841: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007842: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007843: Jun 17 23:30:52.762 JST: ISAKMP:      hash... What? 4?
007844: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007845: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007846: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007847: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 65535 policy
007848: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007849: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007850: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007851: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007852: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007853: Jun 17 23:30:52.762 JST: ISAKMP:      hash SHA
007854: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007855: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007856: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007857: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 65535 policy
007858: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007859: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007860: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007861: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007862: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007863: Jun 17 23:30:52.762 JST: ISAKMP:      hash MD5
007864: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007865: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007866: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007867: Jun 17 23:30:52.762 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 65535 policy
007868: Jun 17 23:30:52.762 JST: ISAKMP:      life type in seconds
007869: Jun 17 23:30:52.762 JST: ISAKMP:      life duration (basic) of 3600
007870: Jun 17 23:30:52.762 JST: ISAKMP:      encryption AES-CBC
007871: Jun 17 23:30:52.762 JST: ISAKMP:      keylength of 256
007872: Jun 17 23:30:52.762 JST: ISAKMP:      auth XAUTHInitPreShared
007873: Jun 17 23:30:52.762 JST: ISAKMP:      hash... What? 6?
007874: Jun 17 23:30:52.762 JST: ISAKMP:      unknown DH group 14
007875: Jun 17 23:30:52.762 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007876: Jun 17 23:30:52.762 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0
007877: Jun 17 23:30:52.762 JST: ISAKMP:(0):no offers accepted!
007878: Jun 17 23:30:52.762 JST: ISAKMP:(0): phase 1 SA policy not acceptable! (local 114.164.241.157 remote 126.237.116.229)
007879: Jun 17 23:30:52.762 JST: ISAKMP (0:0): incrementing error counter on sa, attempt 1 of 5: construct_fail_ag_init
007880: Jun 17 23:30:52.762 JST: ISAKMP:(0): sending packet to 126.237.116.229 my_port 500 peer_port 500 (R) AG_NO_STATE
007881: Jun 17 23:30:52.762 JST: ISAKMP:(0):peer does not do paranoid keepalives.

007882: Jun 17 23:30:52.762 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 126.237.116.229)
007883: Jun 17 23:30:52.762 JST: ISAKMP:(0): processing KE payload. message ID = 0
007884: Jun 17 23:30:52.762 JST: ISAKMP:(0): group size changed! Should be 0, is 256
007885: Jun 17 23:30:52.762 JST: ISAKMP (0:0): Unknown Input IKE_MESG_FROM_PEER, IKE_AM_EXCH:  state = IKE_READY
007886: Jun 17 23:30:52.766 JST: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_AM_EXCH
007887: Jun 17 23:30:52.766 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_READY

007888: Jun 17 23:30:52.766 JST: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer at 126.237.116.229
Router#
007889: Jun 17 23:30:52.766 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 126.237.116.229)
007890: Jun 17 23:30:52.766 JST: ISAKMP: Unlocking peer struct 0x84D4E434 for isadb_mark_sa_deleted(), count 0
007891: Jun 17 23:30:52.766 JST: ISAKMP: Deleting peer node by peer_reap for 126.237.116.229: 84D4E434
007892: Jun 17 23:30:52.766 JST: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL
007893: Jun 17 23:30:52.766 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_DEST_SA

007894: Jun 17 23:30:53.058 JST: ISAKMP (0:0): received packet from 126.237.116.229 dport 500 sport 500 Global (N) NEW SA
007895: Jun 17 23:30:53.058 JST: ISAKMP: Created a peer struct for 126.237.116.229, peer port 500
007896: Jun 17 23:30:53.058 JST: ISAKMP: New peer created peer = 0x84D4E434 peer_handle = 0x80000059
007897: Jun 17 23:30:53.058 JST: ISAKMP: Locking peer struct 0x84D4E434, refcount 1 for crypto_isakmp_process_block
007898: Jun 17 23:30:53.058 JST: ISAKMP: local port 500, remote port 500
007899: Jun 17 23:30:53.058 JST: ISAKMP: Find a dup sa in the avl tree during calling isadb_insert sa = 849D7578
007900: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing SA payload. message ID = 0
007901: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing ID payload. message ID = 0
007902: Jun 17 23:30:53.058 JST: ISAKMP (0:0): ID payload
        next-payload : 13
        type         : 11
        group id     : VPN_CLIENTS
        protocol     : 0
        port         : 0
        length       : 19
007903: Jun 17 23:30:53.058 JST: ISAKMP:(0):: peer matches *none* of the profiles
007904: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007905: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch
007906: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007907: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
007908: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007909: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 198 mismatch
007910: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007911: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 29 mismatch
007912: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007913: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch
007914: Jun 17 23:30:53.058 JST: ISAKMP (0:0): vendor ID is NAT-T v7
007915: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007916: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 114 mismatch
007917: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007918: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 227 mismatch
007919: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007920: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 250 mismatch
007921: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007922: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch
007923: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID is NAT-T v3
007924: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007925: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 164 mismatch
007926: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007927: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch
007928: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID is NAT-T v2
007929: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007930: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 242 mismatch
007931: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID is XAUTH
007932: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007933: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID is Unity
007934: Jun 17 23:30:53.058 JST: ISAKMP:(0): processing vendor id payload
007935: Jun 17 23:30:53.058 JST: ISAKMP:(0): vendor ID is DPD
007936: Jun 17 23:30:53.058 JST: ISAKMP : Scanning profiles for xauth ... isakmp-profile
007937: Jun 17 23:30:53.058 JST: ISAKMP:(0): Authentication by xauth preshared
007938: Jun 17 23:30:53.058 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 10 policy
007939: Jun 17 23:30:53.058 JST: ISAKMP:      life type in seconds
007940: Jun 17 23:30:53.058 JST: ISAKMP:      life duration (basic) of 3600
007941: Jun 17 23:30:53.058 JST: ISAKMP:      encryption AES-CBC
007942: Jun 17 23:30:53.058 JST: ISAKMP:      keylength of 256
007943: Jun 17 23:30:53.058 JST: ISAKMP:      auth XAUTHInitPreShared
007944: Jun 17 23:30:53.058 JST: ISAKMP:      hash SHA
007945: Jun 17 23:30:53.058 JST: ISAKMP:      default group 2
007946: Jun 17 23:30:53.058 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007947: Jun 17 23:30:53.058 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007948: Jun 17 23:30:53.058 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 10 policy
007949: Jun 17 23:30:53.058 JST: ISAKMP:      life type in seconds
007950: Jun 17 23:30:53.058 JST: ISAKMP:      life duration (basic) of 3600
007951: Jun 17 23:30:53.058 JST: ISAKMP:      encryption AES-CBC
007952: Jun 17 23:30:53.058 JST: ISAKMP:      keylength of 256
007953: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
007954: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
007955: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
007956: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007957: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007958: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 10 policy
007959: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
007960: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
007961: Jun 17 23:30:53.062 JST: ISAKMP:      encryption AES-CBC
007962: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 128
007963: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
007964: Jun 17 23:30:53.062 JST: ISAKMP:      hash SHA
007965: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
007966: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007967: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007968: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 10 policy
007969: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
007970: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
007971: Jun 17 23:30:53.062 JST: ISAKMP:      encryption AES-CBC
007972: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 128
007973: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
007974: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
007975: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
007976: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
007977: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007978: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 5 against priority 10 policy
007979: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
007980: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
007981: Jun 17 23:30:53.062 JST: ISAKMP:      encryption 3DES-CBC
007982: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
007983: Jun 17 23:30:53.062 JST: ISAKMP:      hash SHA
007984: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
007985: Jun 17 23:30:53.062 JST: ISAKMP:(0):Xauth authentication by pre-shared key offered but does not match policy!
007986: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007987: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 6 against priority 10 policy
007988: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
007989: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
007990: Jun 17 23:30:53.062 JST: ISAKMP:      encryption 3DES-CBC
007991: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
007992: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
007993: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
007994: Jun 17 23:30:53.062 JST: ISAKMP:(0):Hash algorithm offered does not match policy!
007995: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
007996: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 7 against priority 10 policy
007997: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
007998: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
007999: Jun 17 23:30:53.062 JST: ISAKMP:      encryption DES-CBC
008000: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008001: Jun 17 23:30:53.062 JST: ISAKMP:      hash SHA
008002: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008003: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008004: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008005: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 8 against priority 10 policy
008006: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
008007: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
008008: Jun 17 23:30:53.062 JST: ISAKMP:      encryption DES-CBC
008009: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008010: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
008011: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008012: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008013: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0
008014: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 65535 policy
008015: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
008016: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
008017: Jun 17 23:30:53.062 JST: ISAKMP:      encryption AES-CBC
008018: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 256
008019: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008020: Jun 17 23:30:53.062 JST: ISAKMP:      hash SHA
008021: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008022: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008023: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008024: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 65535 policy
008025: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
008026: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
008027: Jun 17 23:30:53.062 JST: ISAKMP:      encryption A
Router#ES-CBC
008028: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 256
008029: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008030: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
008031: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008032: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008033: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008034: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 65535 policy
008035: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
008036: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
008037: Jun 17 23:30:53.062 JST: ISAKMP:      encryption AES-CBC
008038: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 128
008039: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008040: Jun 17 23:30:53.062 JST: ISAKMP:      hash SHA
008041: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008042: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008043: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008044: Jun 17 23:30:53.062 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 65535 policy
008045: Jun 17 23:30:53.062 JST: ISAKMP:      life type in seconds
008046: Jun 17 23:30:53.062 JST: ISAKMP:      life duration (basic) of 3600
008047: Jun 17 23:30:53.062 JST: ISAKMP:      encryption AES-CBC
008048: Jun 17 23:30:53.062 JST: ISAKMP:      keylength of 128
008049: Jun 17 23:30:53.062 JST: ISAKMP:      auth XAUTHInitPreShared
008050: Jun 17 23:30:53.062 JST: ISAKMP:      hash MD5
008051: Jun 17 23:30:53.062 JST: ISAKMP:      default group 2
008052: Jun 17 23:30:53.062 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008053: Jun 17 23:30:53.062 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008054: Jun 17 23:30:53.066 JST: ISAKMP:(0):Checking ISAKMP transform 5 against priority 65535 policy
008055: Jun 17 23:30:53.066 JST: ISAKMP:      life type in seconds
008056: Jun 17 23:30:53.066 JST: ISAKMP:      life duration (basic) of 3600
008057: Jun 17 23:30:53.066 JST: ISAKMP:      encryption 3DES-CBC
008058: Jun 17 23:30:53.066 JST: ISAKMP:      auth XAUTHInitPreShared
008059: Jun 17 23:30:53.066 JST: ISAKMP:      hash SHA
008060: Jun 17 23:30:53.066 JST: ISAKMP:      default group 2
008061: Jun 17 23:30:53.066 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008062: Jun 17 23:30:53.066 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008063: Jun 17 23:30:53.066 JST: ISAKMP:(0):Checking ISAKMP transform 6 against priority 65535 policy
008064: Jun 17 23:30:53.066 JST: ISAKMP:      life type in seconds
008065: Jun 17 23:30:53.066 JST: ISAKMP:      life duration (basic) of 3600
008066: Jun 17 23:30:53.066 JST: ISAKMP:      encryption 3DES-CBC
008067: Jun 17 23:30:53.066 JST: ISAKMP:      auth XAUTHInitPreShared
008068: Jun 17 23:30:53.066 JST: ISAKMP:      hash MD5
008069: Jun 17 23:30:53.066 JST: ISAKMP:      default group 2
008070: Jun 17 23:30:53.066 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!
008071: Jun 17 23:30:53.066 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008072: Jun 17 23:30:53.066 JST: ISAKMP:(0):Checking ISAKMP transform 7 against priority 65535 policy
008073: Jun 17 23:30:53.066 JST: ISAKMP:      life type in seconds
008074: Jun 17 23:30:53.066 JST: ISAKMP:      life duration (basic) of 3600
008075: Jun 17 23:30:53.066 JST: ISAKMP:      encryption DES-CBC
008076: Jun 17 23:30:53.066 JST: ISAKMP:      auth XAUTHInitPreShared
008077: Jun 17 23:30:53.066 JST: ISAKMP:      hash SHA
008078: Jun 17 23:30:53.066 JST: ISAKMP:      default group 2
008079: Jun 17 23:30:53.066 JST: ISAKMP:(0):Authentication method offered does not match policy!
008080: Jun 17 23:30:53.066 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3
008081: Jun 17 23:30:53.066 JST: ISAKMP:(0):Checking ISAKMP transform 8 against priority 65535 policy
008082: Jun 17 23:30:53.066 JST: ISAKMP:      life type in seconds
008083: Jun 17 23:30:53.066 JST: ISAKMP:      life duration (basic) of 3600
008084: Jun 17 23:30:53.066 JST: ISAKMP:      encryption DES-CBC
008085: Jun 17 23:30:53.066 JST: ISAKMP:      auth XAUTHInitPreShared
008086: Jun 17 23:30:53.066 JST: ISAKMP:      hash MD5
008087: Jun 17 23:30:53.066 JST: ISAKMP:      default group 2
008088: Jun 17 23:30:53.066 JST: ISAKMP:(0):Hash algorithm offered does not match policy!
008089: Jun 17 23:30:53.066 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0
008090: Jun 17 23:30:53.066 JST: ISAKMP:(0):no offers accepted!
008091: Jun 17 23:30:53.066 JST: ISAKMP:(0): phase 1 SA policy not acceptable! (local 114.164.241.157 remote 126.237.116.229)
008092: Jun 17 23:30:53.066 JST: ISAKMP (0:0): incrementing error counter on sa, attempt 1 of 5: construct_fail_ag_init
008093: Jun 17 23:30:53.066 JST: ISAKMP:(0): sending packet to 126.237.116.229 my_port 500 peer_port 500 (R) AG_NO_STATE
008094: Jun 17 23:30:53.066 JST: ISAKMP:(0):peer does not do paranoid keepalives.

008095: Jun 17 23:30:53.066 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 126.237.116.229)
008096: Jun 17 23:30:53.066 JST: ISAKMP:(0): processing KE payload. message ID = 0
008097: Jun 17 23:30:53.066 JST: ISAKMP:(0): group size changed! Should be 0, is 128
008098: Jun 17 23:30:53.066 JST: ISAKMP (0:0): Unknown Input IKE_MESG_FROM_PEER, IKE_AM_EXCH:  state = IKE_READY
008099: Jun 17 23:30:53.066 JST: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_AM_EXCH
008100: Jun 17 23:30:53.066 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_READY

008101: Jun 17 23:30:53.066 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 126.237.116.229)
008102: Jun 17 23:30:53.066 JST: ISAKMP: Unlocking peer struct 0x84D4E434 for isadb_mark_sa_deleted(), count 0
008103: Jun 17 23:30:53.066 JST: ISAKMP: Deleting peer node by peer_reap for 126.237.116.229: 84D4E434
008104: Jun 17 23:30:53.066 JST: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL
008105: Jun 17 23:30:53.066 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_DEST_SA

Router#

Hi.

Sorry for a long responce. For some time I didn't have any time for community. Really sorry.

Ok, about your problem. It sys that there is no matching with isakmp policyes. Could you try this?

crypto isakmp profile isakmp-profile
   no client authentication list auth
   no isakmp authorization list auth
   client authentication VPN_CLIENT_LOGIN
   isakmp authorization list VPN_CLIENT_GROUP

Best Regards.

Hi, AllerGen, Thank you for your time!

MAC VPN connection error: The negotiation with the VPN server failed. Verify the server address and try reconnecting.            

Router#

Router#

Router#                

014501: Jun 30 22:50:21.253 JST: ISAKMP (0:0): received packet from 192.168.1.11 dport 500 sport 500 Global (N) NEW SA

014502: Jun 30 22:50:21.253 JST: ISAKMP: Created a peer struct for 192.168.1.11, peer port 500

014503: Jun 30 22:50:21.253 JST: ISAKMP: New peer created peer = 0x849A7524 peer_handle = 0x8000008A

014504: Jun 30 22:50:21.253 JST: ISAKMP: Locking peer struct 0x849A7524, refcount 1 for crypto_isakmp_process_block

014505: Jun 30 22:50:21.253 JST: ISAKMP: local port 500, remote port 500

014506: Jun 30 22:50:21.253 JST: insert sa successfully sa = 849C78DC

014507: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing SA payload. message ID = 0

014508: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing ID payload. message ID = 0

014509: Jun 30 22:50:21.253 JST: ISAKMP (0:0): ID payload 

next-payload : 13

type         : 11 

group id     : VPN_CLIENTS 

protocol     : 0 

port         : 0 

length       : 19

014510: Jun 30 22:50:21.253 JST: ISAKMP:(0):: peer matches *none* of the profiles

014511: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014512: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch

014513: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014514: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch

014515: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014516: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 198 mismatch

014517: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014518: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 29 mismatch

014519: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014520: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch

014521: Jun 30 22:50:21.253 JST: ISAKMP (0:0): vendor ID is NAT-T v7

014522: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014523: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 114 mismatch

014524: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014525: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 227 mismatch

014526: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014527: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 250 mismatch

014528: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014529: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch

014530: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID is NAT-T v3

014531: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014532: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 164 mismatch

014533: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014534: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch

014535: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID is NAT-T v2

014536: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014537: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 242 mismatch

014538: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID is XAUTH

014539: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014540: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID is Unity

014541: Jun 30 22:50:21.253 JST: ISAKMP:(0): processing vendor id payload

014542: Jun 30 22:50:21.253 JST: ISAKMP:(0): vendor ID is DPD

014543: Jun 30 22:50:21.253 JST: ISAKMP : Scanning profiles for xauth ... isakmp-profile

014544: Jun 30 22:50:21.253 JST: ISAKMP:(0): Authentication by xauth preshared

014545: Jun 30 22:50:21.253 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 10 policy

014546: Jun 30 22:50:21.253 JST: ISAKMP:      life type in seconds

014547: Jun 30 22:50:21.253 JST: ISAKMP:      life duration (basic) of 3600

014548: Jun 30 22:50:21.253 JST: ISAKMP:      encryption AES-CBC

014549: Jun 30 22:50:21.253 JST: ISAKMP:      keylength of 256

014550: Jun 30 22:50:21.253 JST: ISAKMP:      auth XAUTHInitPreShared

014551: Jun 30 22:50:21.253 JST: ISAKMP:      hash... What? 4?

014552: Jun 30 22:50:21.253 JST: ISAKMP:      unknown DH group 14

014553: Jun 30 22:50:21.253 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014554: Jun 30 22:50:21.253 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014555: Jun 30 22:50:21.253 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 10 policy

014556: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014557: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014558: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014559: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014560: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014561: Jun 30 22:50:21.257 JST: ISAKMP:      hash SHA

014562: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014563: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014564: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014565: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 10 policy

014566: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014567: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014568: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014569: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014570: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014571: Jun 30 22:50:21.257 JST: ISAKMP:      hash MD5

014572: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014573: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014574: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014575: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 10 policy

014576: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014577: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014578: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014579: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014580: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014581: Jun 30 22:50:21.257 JST: ISAKMP:      hash... What? 6?

014582: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014583: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014584: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0

014585: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 65535 policy

014586: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014587: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014588: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014589: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014590: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014591: Jun 30 22:50:21.257 JST: ISAKMP:      hash... What? 4?

014592: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014593: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014594: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014595: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 65535 policy

014596: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014597: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014598: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014599: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014600: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014601: Jun 30 22:50:21.257 JST: ISAKMP:      hash SHA

014602: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014603: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014604: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014605: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 65535 policy

014606: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014607: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014608: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014609: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014610: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014611: Jun 30 22:50:21.257 JST: ISAKMP:      hash MD5

014612: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014613: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014614: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014615: Jun 30 22:50:21.257 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 65535 policy

014616: Jun 30 22:50:21.257 JST: ISAKMP:      life type in seconds

014617: Jun 30 22:50:21.257 JST: ISAKMP:      life duration (basic) of 3600

014618: Jun 30 22:50:21.257 JST: ISAKMP:      encryption AES-CBC

014619: Jun 30 22:50:21.257 JST: ISAKMP:      keylength of 256

014620: Jun 30 22:50:21.257 JST: ISAKMP:      auth XAUTHInitPreShared

014621: Jun 30 22:50:21.257 JST: ISAKMP:      hash... What? 6?

014622: Jun 30 22:50:21.257 JST: ISAKMP:      unknown DH group 14

014623: Jun 30 22:50:21.257 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014624: Jun 30 22:50:21.257 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0

014625: Jun 30 22:50:21.257 JST: ISAKMP:(0):no offers accepted!

014626: Jun 30 22:50:21.257 JST: ISAKMP:(0): phase 1 SA policy not acceptable! (local 114.164.241.157 remote 192.168.1.11)

014627: Jun 30 22:50:21.257 JST: ISAKMP (0:0): incrementing error counter on sa, attempt 1 of 5: construct_fail_ag_init

014628: Jun 30 22:50:21.257 JST: ISAKMP:(0): sending packet to 192.168.1.11 my_port 500 peer_port 500 (R) AG_NO_STATE

014629: Jun 30 22:50:21.257 JST: ISAKMP:(0):peer does not do paranoid keepalives.

014630: Jun 30 22:50:21.257 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 192.168.1.11)

014631: Jun 30 22:50:21.257 JST: ISAKMP:(0): processing KE payload. message ID = 0

014632: Jun 30 22:50:21.257 JST: ISAKMP:(0): group size changed! Should be 0, is 256

014633: Jun 30 22:50:21.257 JST: ISAKMP (0:0): Unknown Input IKE_MESG_FROM_PEER, IKE_AM_EXCH:  state = IKE_READY

014634: Jun 30 22:50:21.257 JST: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_AM_EXCH

014635: Jun 30 22:50:21.261 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_READY 

014636: Jun 30 22:50:21.261 JST: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer at 192.168.1.11

014637: Jun 30 22:50:21.261 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not 

Router#accepted" state (R) AG_NO_STATE (peer 192.168.1.11) 

014638: Jun 30 22:50:21.261 JST: ISAKMP: Unlocking peer struct 0x849A7524 for isadb_mark_sa_deleted(), count 0

014639: Jun 30 22:50:21.261 JST: ISAKMP: Deleting peer node by peer_reap for 192.168.1.11: 849A7524

014640: Jun 30 22:50:21.261 JST: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL

014641: Jun 30 22:50:21.261 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_DEST_SA 

014642: Jun 30 22:50:21.269 JST: ISAKMP (0:0): received packet from 192.168.1.11 dport 500 sport 500 Global (N) NEW SA

014643: Jun 30 22:50:21.269 JST: ISAKMP: Created a peer struct for 192.168.1.11, peer port 500

014644: Jun 30 22:50:21.269 JST: ISAKMP: New peer created peer = 0x849A7524 peer_handle = 0x8000007D

014645: Jun 30 22:50:21.269 JST: ISAKMP: Locking peer struct 0x849A7524, refcount 1 for crypto_isakmp_process_block

014646: Jun 30 22:50:21.269 JST: ISAKMP: local port 500, remote port 500

014647: Jun 30 22:50:21.269 JST: ISAKMP: Find a dup sa in the avl tree during calling isadb_insert sa = 84A3FC14

014648: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing SA payload. message ID = 0

014649: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing ID payload. message ID = 0

014650: Jun 30 22:50:21.269 JST: ISAKMP (0:0): ID payload 

next-payload : 13

type         : 11 

group id     : VPN_CLIENTS 

protocol     : 0 

port         : 0 

length       : 19

014651: Jun 30 22:50:21.269 JST: ISAKMP:(0):: peer matches *none* of the profiles

014652: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014653: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 194 mismatch

014654: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014655: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch

014656: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014657: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 198 mismatch

014658: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014659: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 29 mismatch

014660: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014661: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch

014662: Jun 30 22:50:21.269 JST: ISAKMP (0:0): vendor ID is NAT-T v7

014663: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014664: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 114 mismatch

014665: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014666: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 227 mismatch

014667: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014668: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 250 mismatch

014669: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014670: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 157 mismatch

014671: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID is NAT-T v3

014672: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014673: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 164 mismatch

014674: Jun 30 22:50:21.269 JST: ISAKMP:(0): processing vendor id payload

014675: Jun 30 22:50:21.269 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 123 mismatch

014676: Jun 30 22:50:21.273 JST: ISAKMP:(0): vendor ID is NAT-T v2

014677: Jun 30 22:50:21.273 JST: ISAKMP:(0): processing vendor id payload

014678: Jun 30 22:50:21.273 JST: ISAKMP:(0): vendor ID seems Unity/DPD but major 242 mismatch

014679: Jun 30 22:50:21.273 JST: ISAKMP:(0): vendor ID is XAUTH

014680: Jun 30 22:50:21.273 JST: ISAKMP:(0): processing vendor id payload

014681: Jun 30 22:50:21.273 JST: ISAKMP:(0): vendor ID is Unity

014682: Jun 30 22:50:21.273 JST: ISAKMP:(0): processing vendor id payload

014683: Jun 30 22:50:21.273 JST: ISAKMP:(0): vendor ID is DPD

014684: Jun 30 22:50:21.273 JST: ISAKMP : Scanning profiles for xauth ... isakmp-profile

014685: Jun 30 22:50:21.273 JST: ISAKMP:(0): Authentication by xauth preshared

014686: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 10 policy

014687: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014688: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014689: Jun 30 22:50:21.273 JST: ISAKMP:      encryption AES-CBC

014690: Jun 30 22:50:21.273 JST: ISAKMP:      keylength of 256

014691: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014692: Jun 30 22:50:21.273 JST: ISAKMP:      hash SHA

014693: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014694: Jun 30 22:50:21.273 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014695: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014696: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 10 policy

014697: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014698: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014699: Jun 30 22:50:21.273 JST: ISAKMP:      encryption AES-CBC

014700: Jun 30 22:50:21.273 JST: ISAKMP:      keylength of 256

014701: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014702: Jun 30 22:50:21.273 JST: ISAKMP:      hash MD5

014703: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014704: Jun 30 22:50:21.273 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014705: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014706: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 10 policy

014707: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014708: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014709: Jun 30 22:50:21.273 JST: ISAKMP:      encryption AES-CBC

014710: Jun 30 22:50:21.273 JST: ISAKMP:      keylength of 128

014711: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014712: Jun 30 22:50:21.273 JST: ISAKMP:      hash SHA

014713: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014714: Jun 30 22:50:21.273 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014715: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014716: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 10 policy

014717: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014718: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014719: Jun 30 22:50:21.273 JST: ISAKMP:      encryption AES-CBC

014720: Jun 30 22:50:21.273 JST: ISAKMP:      keylength of 128

014721: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014722: Jun 30 22:50:21.273 JST: ISAKMP:      hash MD5

014723: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014724: Jun 30 22:50:21.273 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014725: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014726: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 5 against priority 10 policy

014727: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014728: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014729: Jun 30 22:50:21.273 JST: ISAKMP:      encryption 3DES-CBC

014730: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014731: Jun 30 22:50:21.273 JST: ISAKMP:      hash SHA

014732: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014733: Jun 30 22:50:21.273 JST: ISAKMP:(0):Xauth authentication by pre-shared key offered but does not match policy!

014734: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014735: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 6 against priority 10 policy

014736: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014737: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014738: Jun 30 22:50:21.273 JST: ISAKMP:      encryption 3DES-CBC

014739: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014740: Jun 30 22:50:21.273 JST: ISAKMP:      hash MD5

014741: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014742: Jun 30 22:50:21.273 JST: ISAKMP:(0):Hash algorithm offered does not match policy!

014743: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014744: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 7 against priority 10 policy

014745: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014746: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014747: Jun 30 22:50:21.273 JST: ISAKMP:      encryption DES-CBC

014748: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014749: Jun 30 22:50:21.273 JST: ISAKMP:      hash SHA

014750: Jun 30 22:50:21.273 JST: ISAKMP:      default group 2

014751: Jun 30 22:50:21.273 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014752: Jun 30 22:50:21.273 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014753: Jun 30 22:50:21.273 JST: ISAKMP:(0):Checking ISAKMP transform 8 against priority 10 policy

014754: Jun 30 22:50:21.273 JST: ISAKMP:      life type in seconds

014755: Jun 30 22:50:21.273 JST: ISAKMP:      life duration (basic) of 3600

014756: Jun 30 22:50:21.273 JST: ISAKMP:      encryption DES-CBC

014757: Jun 30 22:50:21.273 JST: ISAKMP:      auth XAUTHInitPreShared

014758: Jun 30 22:50:21.273 JST: ISAKMP:      hash MD5

014759: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014760: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014761: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0

014762: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 1 against priority 65535 policy

014763: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014764: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014765: Jun 30 22:50:21.277 JST: ISAKMP:      encryption AES-CBC

014766: Jun 30 22:50:21.277 JST: ISAKMP:      keylength of 256

014767: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014768: Jun 30 22:50:21.277 JST: ISAKMP:      hash SHA

014769: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014770: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014771: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014772: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 2 against priority 65535 policy

014773: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014774: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014775: Jun 30 22:50:21.277 JST: ISAKMP:      encryption AES-CBC

014776: Jun 30 22:50:21.277 JST: ISAKMP:      keylength of 256

014777: Jun 30 22:50:21.277 JST: ISA

Router#KMP:      auth XAUTHInitPreShared

014778: Jun 30 22:50:21.277 JST: ISAKMP:      hash MD5

014779: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014780: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014781: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014782: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 3 against priority 65535 policy

014783: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014784: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014785: Jun 30 22:50:21.277 JST: ISAKMP:      encryption AES-CBC

014786: Jun 30 22:50:21.277 JST: ISAKMP:      keylength of 128

014787: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014788: Jun 30 22:50:21.277 JST: ISAKMP:      hash SHA

014789: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014790: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014791: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014792: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 4 against priority 65535 policy

014793: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014794: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014795: Jun 30 22:50:21.277 JST: ISAKMP:      encryption AES-CBC

014796: Jun 30 22:50:21.277 JST: ISAKMP:      keylength of 128

014797: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014798: Jun 30 22:50:21.277 JST: ISAKMP:      hash MD5

014799: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014800: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014801: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014802: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 5 against priority 65535 policy

014803: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014804: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014805: Jun 30 22:50:21.277 JST: ISAKMP:      encryption 3DES-CBC

014806: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014807: Jun 30 22:50:21.277 JST: ISAKMP:      hash SHA

014808: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014809: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014810: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014811: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 6 against priority 65535 policy

014812: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014813: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014814: Jun 30 22:50:21.277 JST: ISAKMP:      encryption 3DES-CBC

014815: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014816: Jun 30 22:50:21.277 JST: ISAKMP:      hash MD5

014817: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014818: Jun 30 22:50:21.277 JST: ISAKMP:(0):Encryption algorithm offered does not match policy!

014819: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014820: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 7 against priority 65535 policy

014821: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014822: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014823: Jun 30 22:50:21.277 JST: ISAKMP:      encryption DES-CBC

014824: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014825: Jun 30 22:50:21.277 JST: ISAKMP:      hash SHA

014826: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014827: Jun 30 22:50:21.277 JST: ISAKMP:(0):Authentication method offered does not match policy!

014828: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 3

014829: Jun 30 22:50:21.277 JST: ISAKMP:(0):Checking ISAKMP transform 8 against priority 65535 policy

014830: Jun 30 22:50:21.277 JST: ISAKMP:      life type in seconds

014831: Jun 30 22:50:21.277 JST: ISAKMP:      life duration (basic) of 3600

014832: Jun 30 22:50:21.277 JST: ISAKMP:      encryption DES-CBC

014833: Jun 30 22:50:21.277 JST: ISAKMP:      auth XAUTHInitPreShared

014834: Jun 30 22:50:21.277 JST: ISAKMP:      hash MD5

014835: Jun 30 22:50:21.277 JST: ISAKMP:      default group 2

014836: Jun 30 22:50:21.277 JST: ISAKMP:(0):Hash algorithm offered does not match policy!

014837: Jun 30 22:50:21.277 JST: ISAKMP:(0):atts are not acceptable. Next payload is 0

014838: Jun 30 22:50:21.277 JST: ISAKMP:(0):no offers accepted!

014839: Jun 30 22:50:21.277 JST: ISAKMP:(0): phase 1 SA policy not acceptable! (local 114.164.241.157 remote 192.168.1.11)

014840: Jun 30 22:50:21.277 JST: ISAKMP (0:0): incrementing error counter on sa, attempt 1 of 5: construct_fail_ag_init

014841: Jun 30 22:50:21.277 JST: ISAKMP:(0): sending packet to 192.168.1.11 my_port 500 peer_port 500 (R) AG_NO_STATE

014842: Jun 30 22:50:21.277 JST: ISAKMP:(0):peer does not do paranoid keepalives.

014843: Jun 30 22:50:21.281 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 192.168.1.11)

014844: Jun 30 22:50:21.281 JST: ISAKMP:(0): processing KE payload. message ID = 0

014845: Jun 30 22:50:21.281 JST: ISAKMP:(0): group size changed! Should be 0, is 128

014846: Jun 30 22:50:21.281 JST: ISAKMP (0:0): Unknown Input IKE_MESG_FROM_PEER, IKE_AM_EXCH:  state = IKE_READY

014847: Jun 30 22:50:21.281 JST: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_AM_EXCH

014848: Jun 30 22:50:21.281 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_READY 

014849: Jun 30 22:50:21.281 JST: ISAKMP:(0):deleting SA reason "Phase1 SA policy proposal not accepted" state (R) AG_NO_STATE (peer 192.168.1.11) 

014850: Jun 30 22:50:21.281 JST: ISAKMP: Unlocking peer struct 0x849A7524 for isadb_mark_sa_deleted(), count 0

014851: Jun 30 22:50:21.281 JST: ISAKMP: Deleting peer node by peer_reap for 192.168.1.11: 849A7524

014852: Jun 30 22:50:21.281 JST: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL

014853: Jun 30 22:50:21.281 JST: ISAKMP:(0):Old State = IKE_READY  New State = IKE_DEST_SA 

014854: Jun 30 22:51:21.262 JST: ISAKMP:(0):purging SA., sa=849C78DC, delme=849C78DC

014855: Jun 30 22:51:21.282 JST: ISAKMP:(0):purging SA., sa=84A3FC14, delme=84A3FC14

Hi.

Finnaly I had some free time to look at your configuration more deeply. Could you try to do this changes?

crypto isakmp profile isakmp-profile
 client configuration group admin
exit

crypto dynamic-map dynmap 10
 no set transform-set myset
 no set isakmp-profile remoteclients
 set transform-set tset
 set isakmp-profile isakmp-profile
exit

crypto isakmp policy 10
 hash md5
exit

Well, only because of the last 3 lines it could't hit any rule for 1 Phase. But without other lines you will have problems at the another parts. So try to commit them all.

Best Regards.

Hi.

Could you try connect under admin group first? Right now in dynamic crypto maps you have only admin record. We can add it a little later. I would like to test that it works by itself.

And as I can see from logs you're trying to use VPN_CLIENT. And because you don't have a dynamic crypto map for this you're getting this error:

Receive config attributes requested butconfig attributes not in crypto map.  Sending empty reply.

Best Regards

Hi.

From the log there is no errors at the isakmp phase. Maybe some problems with ipsec phase. Can you use "debug crypto ipsec"?

Best Regards.

Hi, AllertGen, Attached is the log with debug crypto IPsec ....

Hm. There is no specific error at the debug messages. But by some reason connection lost after sending settings to the client after authentication.

Could you try this?

crypto isakmp client configuration group admin
 no acl 101

Here's a log with no acl configured. 10x