finally found the problem. my end is configured for IKE replay protection but the far end isn't so it drops packets. The interesting thing is that I got some packes but not all, which made me think it's simply slow. found this out by "debug vpn".
Thanks all for your help. Cheers. Xueyan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62589&t=62461 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
