the IKE seems to fail, and I can not figure out why... here is ike log:
Jun 13 10:38:28 No proposal selected in first phase for local=ipv4(any:0,[0..3]=X.X.X.X) remote=ipv4(udp:500,[0..3]=Y.Y.Y.Y)
Jun 13 10:38:32 Phase-1 negotiation failed with error Timeout for p1_local=ipv4(any:0,[0..3]=X.X.X.X) p1_remote=ipv4(udp:500,[0..3]=Y.Y.Y.Y)
Jun 13 10:39:03 The remote server at Y.Y.Y.Y:500 is 'draft-ietf-ipsec-nat-t-ike-02'
Jun 13 10:39:03 Not setting PMDATA_PEER_IS_OURS for Y.Y.Y.Y
Jun 13 10:39:03 The remote server at Y.Y.Y.Y:500 is 'draft-ietf-ipsec-nat-t-ike-03'
Jun 13 10:39:03 Not setting PMDATA_PEER_IS_OURS for Y.Y.Y.Y
Jun 13 10:39:03 The remote server at Y.Y.Y.Y:500 is '4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f'
Jun 13 10:39:03 The remote server at Y.Y.Y.Y:500 is '40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 c0 00 00 00'
Jun 13 10:39:03 No proposal selected in first phase for local=ipv4(any:0,[0..3]=X.X.X.X) remote=ipv4(udp:500,[0..3]=Y.Y.Y.Y)
what I think is stragne is that there are 2x "The remote server at" is that normal?
any suggestions?
It turned out that we needed to use SHA-1 not SHA-256
I answer myself in case someone should come across the same cryptic error messages (or if I should do so myself in the future)