Pix VPN question

Status
Not open for further replies.

mdc1973

Technical User
Jul 7, 2003
Trying to get a VPN set up between my pix 515e (running 6.3(4)) and a 3rd party checkpoint NG r54. I need to NAT my source traffic, and have the following config:

access-list 101 permit ip 10.1.1.0 255.255.255.128 192.168.1.0 255.255.255.0
access-list 102 permit ip 172.16.1.0 255.255.255.128 192.168.1.0 255.255.255.0


nat (inside) 2 access-list 101 0 0
global (outside) 2 172.16.1.0 netmask 255.255.255.128


crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto map vpn 10 ipsec-isakmp
crypto map vpn 10 match address 102
crypto map vpn 10 set pfs group2
crypto map vpn 10 set peer 217.x.x.x
crypto map vpn 10 set transform-set ESP-DES-SHA
crypto map vpn 10 set security-association lifetime seconds 3600 kilobytes 4608000
crypto map vpn interface outside


isakmp enable outside
isakmp key ******** address 217.x.x.x netmask 255.255.255.255
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400

So acl 101 is for the NAT, and acl 102 is for the crypto; the 3rd party encryption domain uses the 172 addresses as that's all they should see from my side.

Should this work?
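As an added example (not part of the post, and not Cisco or Check Point tooling), here is a small Python check of the relationship the post relies on: the crypto ACL that defines the encryption domain must match the translated range from the global pool, not the inside range selected by the policy-NAT ACL. The configuration text is constructed from the lines quoted above, a second constructed variant shows the mismatch case, and the parser is deliberately limited to the statement forms that appear in the post. Treating the global statement's address/netmask as the translated range is an assumption of the example.

```python
import ipaddress
import re

# Constructed sample that mirrors the NAT and crypto lines quoted in the post
# (example input, not output captured from the poster's PIX).
POSTED_CONFIG = """
access-list 101 permit ip 10.1.1.0 255.255.255.128 192.168.1.0 255.255.255.0
access-list 102 permit ip 172.16.1.0 255.255.255.128 192.168.1.0 255.255.255.0
nat (inside) 2 access-list 101 0 0
global (outside) 2 172.16.1.0 netmask 255.255.255.128
crypto map vpn 10 match address 102
"""

# Constructed variant of the same config where the crypto ACL matches the
# pre-NAT inside range instead of the translated one (the mismatch case).
MISMATCHED_CONFIG = POSTED_CONFIG.replace(
    "access-list 102 permit ip 172.16.1.0 255.255.255.128",
    "access-list 102 permit ip 10.1.1.0 255.255.255.128",
)

ACL_RE = re.compile(r"^access-list (\S+) permit ip (\S+) (\S+) (\S+) (\S+)$")
NAT_RE = re.compile(r"^nat \((\S+)\) (\d+) access-list (\S+)")
GLOBAL_RE = re.compile(r"^global \((\S+)\) (\d+) (\S+) netmask (\S+)$")
MATCH_RE = re.compile(r"^crypto map (\S+) (\d+) match address (\S+)$")


def net(addr, mask):
    """Turn a PIX 'address mask' pair into an ip_network (host bits ignored)."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)


def parse(text):
    """Collect ACL entries, policy-NAT bindings, global pools and crypto-map matches."""
    acls, nats, pools, crypto = {}, {}, {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if m := ACL_RE.match(line):
            acls.setdefault(m[1], []).append((net(m[2], m[3]), net(m[4], m[5])))
        elif m := NAT_RE.match(line):
            nats[int(m[2])] = m[3]               # nat_id -> policy-NAT ACL name
        elif m := GLOBAL_RE.match(line):
            # Assumption of this example: the global statement's address/netmask
            # is the translated range the remote peer will see as the source.
            pools[int(m[2])] = net(m[3], m[4])   # nat_id -> translated range
        elif m := MATCH_RE.match(line):
            crypto[(m[1], int(m[2]))] = m[3]     # (map, seq) -> crypto ACL name
    return acls, nats, pools, crypto


def check_encryption_domain(text):
    """For every crypto ACL entry, report whether its source lies inside a
    translated pool whose policy-NAT ACL selects the same destination.

    Returns a list of (crypto map entry, source, destination, ok) tuples.
    """
    acls, nats, pools, crypto = parse(text)
    findings = []
    for (map_name, seq), acl_name in sorted(crypto.items()):
        for src, dst in acls.get(acl_name, []):
            ok = any(
                nat_id in pools
                and src.subnet_of(pools[nat_id])
                and any(d == dst for _, d in acls.get(nat_acl, []))
                for nat_id, nat_acl in nats.items()
            )
            findings.append((f"{map_name} {seq}", str(src), str(dst), ok))
    return findings


if __name__ == "__main__":
    for cfg_name, cfg in (("posted", POSTED_CONFIG), ("mismatched", MISMATCHED_CONFIG)):
        for entry, src, dst, ok in check_encryption_domain(cfg):
            print(f"{cfg_name}: {entry} {src} -> {dst}: {'OK' if ok else 'MISMATCH'}")
```

Run as a script it prints the posted config as OK (crypto ACL 102's source 172.16.1.0/25 is exactly the global pool, and policy-NAT ACL 101 selects the same 192.168.1.0/24 destination) and flags the variant that encrypts on the untranslated 10.1.1.0/25 range, which is the case where the peer would see an encryption domain it was never told about.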

 
No, the tunnel is not being formed. I am getting the following message in the debug:

ISAKMP (0): beginning Main Mode exchange
crypto_isakmp_process_block:src:217.x.x.x, dest:81.x.x.x spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRANS
ISAKMP (0): retransmitting phase 1 (0)...
ISAKMP (0): retransmitting phase 1 (1)...IPSEC(key_engine): request timer fired: count = 1,
(identity) local= 81.x.x.x, remote= 217.x.x.x,
local_proxy= 172.16.1.0/255.255.255.128/0/0 (type=4),
remote_proxy= 192.168.1.0/255.255.255.0/0/0 (type=4)

ISAKMP (0): deleting SA: src 81.x.x.x, dst 217.x.x.x
ISADB: reaper checking SA 0x1309ffc, conn_id = 0 DELETE IT!

VPN Peer:ISAKMP: Peer Info for 217.x.x.x/500 not found - peers:0
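As an added example (not part of the post, and not a Cisco tool), the following Python triage parses the debug lines quoted above and summarises what they say: which addresses and proxy identities the PIX is negotiating for, how many times phase 1 was retransmitted, whether the SA was torn down and whether the peer is known afterwards. The sample input is constructed from the post's own lines with the addresses masked as in the post. The "SA has been authenticated" marker used to recognise a completed phase 1 is an assumption of the example and does not appear in the post.

```python
import re

# Sample 'debug crypto isakmp' output, constructed from the lines quoted in the
# post (addresses masked as in the post; not a live capture).
DEBUG_OUTPUT = """\
ISAKMP (0): beginning Main Mode exchange
crypto_isakmp_process_block:src:217.x.x.x, dest:81.x.x.x spt:500 dpt:500
return status is IKMP_NO_ERR_NO_TRANS
ISAKMP (0): retransmitting phase 1 (0)...
ISAKMP (0): retransmitting phase 1 (1)...IPSEC(key_engine): request timer fired: count = 1,
(identity) local= 81.x.x.x, remote= 217.x.x.x,
local_proxy= 172.16.1.0/255.255.255.128/0/0 (type=4),
remote_proxy= 192.168.1.0/255.255.255.0/0/0 (type=4)
ISAKMP (0): deleting SA: src 81.x.x.x, dst 217.x.x.x
ISADB: reaper checking SA 0x1309ffc, conn_id = 0 DELETE IT!
VPN Peer:ISAKMP: Peer Info for 217.x.x.x/500 not found - peers:0
"""

RETRANSMIT_RE = re.compile(r"retransmitting phase (\d) \((\d+)\)")
STATUS_RE = re.compile(r"return status is (\S+)")
IDENTITY_RE = re.compile(r"\(identity\) local= (\S+), remote= (\S+),")
PROXY_RE = re.compile(r"(local|remote)_proxy= ([^/\s]+)/([^/\s]+)/(\d+)/(\d+)")
DELETE_RE = re.compile(r"ISAKMP \(\d+\): deleting SA: src (\S+), dst (\S+)")
PEER_MISSING_RE = re.compile(r"Peer Info for (\S+)/500 not found")
# Assumed marker of a completed phase 1 (not present in the post's output).
AUTH_MARKER = "SA has been authenticated"


def triage_isakmp(debug):
    """Summarise one Main Mode attempt from PIX debug lines and give a verdict."""
    s = {
        "local": None, "peer": None,
        "local_proxy": None, "remote_proxy": None,
        "phase1_retransmits": 0, "phase2_retransmits": 0,
        "statuses": [], "sa_deleted": False, "peer_known": True,
        "phase1_complete": False,
    }
    for line in debug.splitlines():
        for phase, n in RETRANSMIT_RE.findall(line):
            key = f"phase{phase}_retransmits"
            s[key] = max(s[key], int(n) + 1)      # the counter in the log is 0-based
        if m := STATUS_RE.search(line):
            s["statuses"].append(m[1])
        if m := IDENTITY_RE.search(line):
            s["local"], s["peer"] = m[1], m[2]
        for side, addr, mask, _proto, _port in PROXY_RE.findall(line):
            s[f"{side}_proxy"] = f"{addr}/{mask}"
        if DELETE_RE.search(line):
            s["sa_deleted"] = True
        if PEER_MISSING_RE.search(line):
            s["peer_known"] = False
        if AUTH_MARKER in line:
            s["phase1_complete"] = True

    if s["phase1_complete"]:
        s["verdict"] = ("phase 1 completed; if the tunnel still fails, compare the proxy "
                        "identities and transform set with the peer's phase 2 settings")
    elif s["phase1_retransmits"] and s["sa_deleted"]:
        s["verdict"] = ("phase 1 did not complete: Main Mode was retransmitted and the SA "
                        "torn down; verify the peer answers on UDP/500, the pre-shared key, "
                        "and that the ISAKMP policy (des/sha/group 1/pre-share here) "
                        "matches the peer's")
    else:
        s["verdict"] = "inconclusive: capture more debug output"
    return s


if __name__ == "__main__":
    for key, value in triage_isakmp(DEBUG_OUTPUT).items():
        print(f"{key}: {value}")
```

On the quoted output the triage reports two phase 1 retransmissions, the local proxy 172.16.1.0/255.255.255.128 (the translated range, so the NAT side of the config is being offered as intended), the SA deleted and the peer no longer known, and it concludes that phase 1 never completed, which places the problem before the encryption domain is ever compared.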


