e***@stoynev.us
2010-02-19 20:40:28 UTC
Hello, I am getting this error when I try to bring up an IPSec tunnel... Looking
for someone to help. Thanks...
Starting connection with command /usr/sbin/ipsec auto --up
'paycode-to-vivacom' ..
104 "paycode-to-vivacom" #10: STATE_MAIN_I1: initiate
003 "paycode-to-vivacom" #10: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
003 "paycode-to-vivacom" #10: ignoring Vendor ID payload [FRAGMENTATION
c0000000]
106 "paycode-to-vivacom" #10: STATE_MAIN_I2: sent MI2, expecting MR2
003 "paycode-to-vivacom" #10: received Vendor ID payload [Cisco-Unity]
003 "paycode-to-vivacom" #10: received Vendor ID payload [XAUTH]
003 "paycode-to-vivacom" #10: ignoring unknown Vendor ID payload
[4acca7967b99500430ae278225d941bf]
003 "paycode-to-vivacom" #10: ignoring Vendor ID payload [Cisco VPN 3000 Series]
003 "paycode-to-vivacom" #10: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
108 "paycode-to-vivacom" #10: STATE_MAIN_I3: sent MI3, expecting MR3
010 "paycode-to-vivacom" #10: STATE_MAIN_I3: retransmission; will wait 20s for
response
003 "paycode-to-vivacom" #10: discarding duplicate packet; already STATE_MAIN_I3
003 "paycode-to-vivacom" #10: discarding duplicate packet; already STATE_MAIN_I3
003 "paycode-to-vivacom" #10: discarding duplicate packet; already STATE_MAIN_I3
010 "paycode-to-vivacom" #10: STATE_MAIN_I3: retransmission; will wait 40s for
response
003 "paycode-to-vivacom" #10: next payload type of ISAKMP Hash Payload has an
unknown value: 125
003 "paycode-to-vivacom" #10: malformed payload in packet
031 "paycode-to-vivacom" #10: max number of retransmissions (2) reached
STATE_MAIN_I3. Possible authentication failure: no acceptable response to our
first encrypted message
000 "paycode-to-vivacom" #10: starting keying attempt 2 of at most 3, but
releasing whack
ipsec.conf >>>>>
conn paycode-to-vivacom
     auth=esp
     authby=secret
     auto=start
     esp=3des-168
     ike=3des-md5
     ikelifetime=8h
     keyexchange=ike
     keyingtries=3
     keylife=1h
     left=95.43.208.250
     leftid=95.43.208.250
     leftnexthop=95.43.208.249
     pfs=yes
     right=212.39.72.21
     rightsubnet=10.16.0.0/24
     type=tunnel
config setup
     interfaces=%defaultroute
     nat_traversal=yes
     OE=off
     protostack=netkey
Connection Configuration >>>
The OS is Debian Squeeze
paycode:~# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                 [OK]
Linux Openswan U2.6.23/K2.6.32-trunk-686 (netkey)
Checking for IPsec support in kernel               [OK]
NETKEY detected, testing for disabled ICMP send_redirects    [OK]
NETKEY detected, testing for disabled ICMP accept_redirects   [OK]
Checking for RSA private key (/etc/ipsec.secrets)        [OK]
Checking that pluto is running                  [OK]
Pluto listening for IKE on udp 500                [OK]
Pluto listening for NAT-T on udp 4500              [OK]
Two or more interfaces found, checking IP forwarding       [OK]
Checking NAT and MASQUERADEing                  [OK]
Checking for 'ip' command                    [OK]
Checking for 'iptables' command                 [OK]
Opportunistic Encryption Support                 [DISABLED]
paycode:~#