 
 From:  "Scott M. Day" <scottd at weldonowen dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSEC Issues (Revised; Sorry about last email!)
 Date:  Wed, 1 Feb 2006 10:23:36 -0800
Not sure what happened - I had an entire lead-in for that last
request. Here is what I said originally:

I am trying to set up an m0n0 IPSEC tunnel between my office's new T1
(we will migrate soon) and my house (DSL), both running identical
m0n0wall versions, etc. Both are running 3COM NICs on the outside
interface (pretty new NICs). PPTP from my office to home works like a
champ, no problems there. The IPSEC tunnel keeps failing - the
ultimate goal here is to send a m0n0wall rule set to our office in
Australia, currently they have a Smoothwall Express there but in
order to have standardization and IT run out of our main office I
want them on a m0n0. I have had 0 success connecting to Smoothwall
and wanted to proof of concept this so my boss could see m0n0 working
and we could standardize things onto BSD for security and Linux for
servers, etc. ANYWAYS - below are my logs from both the office and
home when I try to run a ping from home to an inside office IP
address. SORRY about my last email - I am sure you were all
scratching your heads. So you know, I have scoured the lists, Google,
everywhere for a hint on this one:

 From Home Machine when pinging internal office IP:

Feb 1 10:21:08 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:21:05 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:20:35 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:20:32 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:20:02 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:19:58 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:19:28 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:19:25 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:18:55 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:18:52 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:18:22 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:18:19 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:17:49 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:17:45 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:17:15 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]
Feb 1 10:17:11 racoon: ERROR: 69.17.50.2 give up to get IPsec-SA due to time up to wait.
Feb 1 10:16:41 racoon: INFO: initiate new phase 2 negotiation: 66.92.184.208[0]<=>69.17.50.2[0]


 From office machine:


Feb 1 10:22:37 racoon: ERROR: failed to pre-process packet.
Feb 1 10:22:37 racoon: ERROR: failed to get proposal for responder.
Feb 1 10:22:37 racoon: ERROR: no policy found: 10.10.0.0/16[0] 192.168.168.0/24[0] proto=any dir=in
Feb 1 10:22:37 racoon: INFO: respond new phase 2 negotiation: 69.17.50.2[0]<=>66.92.184.208[0]
Feb 1 10:22:27 racoon: ERROR: failed to pre-process packet.
Feb 1 10:22:27 racoon: ERROR: failed to get proposal for responder.
Feb 1 10:22:27 racoon: ERROR: no policy found: 10.10.0.0/16[0] 192.168.168.0/24[0] proto=any dir=in
Feb 1 10:22:27 racoon: INFO: respond new phase 2 negotiation: 69.17.50.2[0]<=>66.92.184.208[0]
Feb 1 10:22:17 racoon: ERROR: failed to pre-process packet.
Feb 1 10:22:17 racoon: ERROR: failed to get proposal for responder.
Feb 1 10:22:17 racoon: ERROR: no policy found: 10.10.0.0/16[0] 192.168.168.0/24[0] proto=any dir=in
Feb 1 10:22:17 racoon: INFO: respond new phase 2 negotiation: 69.17.50.2[0]<=>66.92.184.208[0]
Feb 1 10:22:03 racoon: ERROR: failed to pre-process packet.
Feb 1 10:22:03 racoon: ERROR: failed to get proposal for responder.
Feb 1 10:22:03 racoon: ERROR: no policy found: 10.10.0.0/16[0] 192.168.168.0/24[0] proto=any dir=in
Feb 1 10:22:03 racoon: INFO: respond new phase 2 negotiation: 69.17.50.2[0]<=>66.92.184.208[0]
Feb 1 10:21:52 racoon: ERROR: failed to pre-process packet.
Feb 1 10:21:52 racoon: ERROR: failed to get proposal for responder.
Feb 1 10:21:52 racoon: ERROR: no policy found: 10.10.0.0/16[0] 192.168.168.0/24[0] proto=any dir=in
Feb 1 10:21:52 racoon: INFO: respond new phase 2 negotiation: 69.17.50.2[0]<=>66.92.184.208[0]
Feb 1 10:21:42 racoon: ERROR: failed to pre-process packet.
Feb 1 10:21:42 racoon: ERROR: failed to get proposal for responder.