L2TP/IPSec VPN SBS 2K3 (pre-shared key) oakley.log

I have got working pptp,

I need to change it into T2TP/IPSec protocols.

For simplifying a task it is just in LAN and via pre-shared key.

I have managed to make it work on fresh testing environment but I cant do the same on a real working server.

Log Oakly:

 

 5-02: 17:20:25:398:1144 

 5-02: 17:20:25:398:1144 Receive: (get) SA = 0x00000000 from 192.168.1.100.500

 5-02: 17:20:25:398:1144 ISAKMP Header: (V1.0), len = 312

 5-02: 17:20:25:398:1144   I-COOKIE da15df02b68d5247

 5-02: 17:20:25:398:1144   R-COOKIE 0000000000000000

 5-02: 17:20:25:398:1144   exchange: Oakley Main Mode

 5-02: 17:20:25:398:1144   flags: 0

 5-02: 17:20:25:398:1144   next payload: SA

 5-02: 17:20:25:398:1144   message ID: 00000000

 5-02: 17:20:25:398:1144 Filter to match: Src 192.168.1.100 Dst 192.168.1.1

 5-02: 17:20:25:398:1144 MMPolicy dwFlags 6 SoftSAExpireTime 28800

 5-02: 17:20:25:398:1144 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 2

 5-02: 17:20:25:398:1144 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA

 5-02: 17:20:25:398:1144 MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2

 5-02: 17:20:25:398:1144 MMOffer[1] Encrypt: Triple DES CBC Hash: MD5

 5-02: 17:20:25:398:1144 MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 1

 5-02: 17:20:25:398:1144 MMOffer[2] Encrypt: DES CBC Hash: SHA

 5-02: 17:20:25:398:1144 MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1

 5-02: 17:20:25:398:1144 MMOffer[3] Encrypt: DES CBC Hash: MD5

 5-02: 17:20:25:398:1144 Auth[0]:Kerberos

 5-02: 17:20:25:398:1144 Responding with new SA 56767a8

 5-02: 17:20:25:398:1144 processing payload SA

 5-02: 17:20:25:398:1144 Received Phase 1 Transform 1

 ....

 5-02: 17:20:25:398:1144 Received Phase 1 Transform 2

 .....

 5-02: 17:20:25:398:1144 Received Phase 1 Transform 3

 ....

 5-02: 17:20:25:398:1144 Received Phase 1 Transform 4

 ....

 5-02: 17:20:25:398:1144 Received Phase 1 Transform 5

 5-02: 17:20:25:398:1144      Encryption Alg DES CBC(1)

 5-02: 17:20:25:398:1144      Hash Alg MD5(1)

 5-02: 17:20:25:398:1144      Oakley Group 1

 5-02: 17:20:25:398:1144      Auth Method Preshared Key(1)

 5-02: 17:20:25:398:1144      Life type in Seconds

 5-02: 17:20:25:398:1144      Life duration of 28800

 5-02: 17:20:25:398:1144 Key Exchange Mode (Main Mode)

 5-02: 17:20:25:398:1144 Source IP Address 192.168.1.1  Source IP Address Mask 255.255.255.255  Destination IP Address 192.168.1.100  Destination IP Address Mask 255.255.255.255  Protocol 0  Source Port 0  Destination Port 0  IKE Local Addr 192.168.1.1  IKE Peer Addr 192.168.1.100  IKE Source Port 500  IKE Destination Port 500  Peer Private Addr

 5-02: 17:20:25:398:1144 Phase I Diffie-Hellman Group

 5-02: 17:20:25:398:1144 2

 5-02: 17:20:25:398:1144 14

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 1 policy method 2

 5-02: 17:20:25:398:1144 Attribute Phase I Hash Algorithm

 5-02: 17:20:25:398:1144      Expected: MD5

 5-02: 17:20:25:398:1144      Received: SHA

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 1 policy method 3

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 1 policy method 4

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 2 policy method 1

 5-02: 17:20:25:398:1144 Attribute Authentication Method

 5-02: 17:20:25:398:1144      Expected: Kerberos (GSSAPI)

 5-02: 17:20:25:398:1144      Received: Preshared Key

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 2 policy method 2

 5-02: 17:20:25:398:1144 Attribute Phase I Hash Algorithm

 5-02: 17:20:25:398:1144      Expected: MD5

 5-02: 17:20:25:398:1144      Received: SHA

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 2 policy method 3

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 2 policy method 4

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 3 policy method 1

 5-02: 17:20:25:398:1144 Attribute Phase I Hash Algorithm

 5-02: 17:20:25:398:1144      Expected: SHA

 5-02: 17:20:25:398:1144      Received: MD5

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 3 policy method 2

 5-02: 17:20:25:398:1144 Attribute Authentication Method

 5-02: 17:20:25:398:1144      Expected: Kerberos (GSSAPI)

 5-02: 17:20:25:398:1144      Received: Preshared Key

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 3 policy method 3

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 3 policy method 4

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: DES CBC

 5-02: 17:20:25:398:1144      Received: Triple DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 4 policy method 1

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: Triple DES CBC

 5-02: 17:20:25:398:1144      Received: DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 4 policy method 2

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: Triple DES CBC

 5-02: 17:20:25:398:1144      Received: DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 4 policy method 3

 5-02: 17:20:25:398:1144 Attribute Authentication Method

 5-02: 17:20:25:398:1144      Expected: Kerberos (GSSAPI)

 5-02: 17:20:25:398:1144      Received: Preshared Key

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 4 policy method 4

 5-02: 17:20:25:398:1144 Attribute Phase I Hash Algorithm

 5-02: 17:20:25:398:1144      Expected: MD5

 5-02: 17:20:25:398:1144      Received: SHA

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 5 policy method 1

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: Triple DES CBC

 5-02: 17:20:25:398:1144      Received: DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 5 policy method 2

 5-02: 17:20:25:398:1144 Attribute Phase I Encryption Algorithm

 5-02: 17:20:25:398:1144      Expected: Triple DES CBC

 5-02: 17:20:25:398:1144      Received: DES CBC

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 5 policy method 3

 5-02: 17:20:25:398:1144 Attribute Phase I Hash Algorithm

 5-02: 17:20:25:398:1144      Expected: SHA

 5-02: 17:20:25:398:1144      Received: MD5

 5-02: 17:20:25:398:1144 Policy mismatch on offer method 5 policy method 4

 5-02: 17:20:25:398:1144 Attribute Authentication Method

 5-02: 17:20:25:398:1144      Expected: Kerberos (GSSAPI)

 5-02: 17:20:25:398:1144      Received: Preshared Key

 5-02: 17:20:25:398:1144 constructing ISAKMP Header

 5-02: 17:20:25:398:1144 constructing NOTIFY 14

..................................