VPN3005 Concentrator error

In article , PabloFiasko wrote: :I am trying to set up a new tunnel on my working VPN 3005 box :(currently > 15 tunnels). :I keep on getting the following error: :SEV=4 IKE/96 RPT=7 Aborting group lookup: invalid Auth Mode :(Preshared Key)

I haven't used the VPN3000 series, but my take on that message would be that the remote end is requesting authentication via preshared key and your end is configured for certificate authority instead.

:I triple checked settings on both ends, and updated the concentrators :software to the latest vpn3005-4.7.Rel-k9.bin. The event handler for :this error tells me to contact Cisco TAC. Has anbody an idea on this :error besides contacting the TAC?

:The other end is an OpenBSD based box...

If you could say more about the settings on each end, and about which software IPSec you have on the OpenBSD box, then something might jog one of our memories.

okay here we go: the remote end is an OpenBSD 3.6 box running a stock isakmpd. on the BSD Box I have: Phase= 1 Transport= udp ... DOI= IPSEC EXCHANGE_TYPE= ID_PROT ... ENCRYPTION_ALGORITHM= 3DES_CBC HASH_ALGORITHM= SHA AUTHENTICATION_METHOD= PRE_SHARED GROUP_DESCRIPTION= MODP_1024 ...

on my concentrator i have the following settings: on my concentrator I tried a lot settings playing around with hash and modulus, but nothing did anything other than produce the above error.