Hello, My goal is to setup a site to site VPN (attempting IPSec) between IPCop and Microsoft's ISA 2004. I am not having any luck. Has anyone accomplished this goal? The admin at the IPCop site has setup: 1) The same PSK 2) IP address of ISA server external (public) IP 3) The remote network 10.1.5.0/255.255.255.0 4) 3DES MD5 encryption On the ISA server: 1) Site to Site IPSec VPN profile 2) The IP address of IPCop external (public) IP 3) The remote network 10.200.0.0/255.255.0.0 and external IPCop IP 4) 3DES MD5 encryption 5) Tried a Route and NAT configuration for Network Rules for remote network The errors on the ISA server: Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 547 Date: 2/15/2006 Time: 11:43:07 AM User: NT AUTHORITY\NETWORK SERVICE Computer: SRV01 Description: IKE security association negotiation failed. Mode: Key Exchange Mode (Main Mode) Filter: Source IP Address 100.100.100.100 Source IP Address Mask 255.255.255.255 Destination IP Address 200.200.200.200 Destination IP Address Mask 255.255.255.255 Protocol 0 Source Port 0 Destination Port 0 IKE Local Addr 100.100.100.100 IKE Peer Addr 200.200.200.200 IKE Source Port 500 IKE Destination Port 500 Peer Private Addr Peer Identity: Failure Point: Me Failure Reason: The specified main mode policy was not found. Extra Status: Sent first (SA) payload Initiator. Delta Time 0 0x0 0x0 ------------------------------------------------------------------------------------------------------------------- Event Type: Error Event Source: Microsoft Firewall Event Category: None Event ID: 21197 Date: 2/15/2006 Time: 11:37:16 AM User: N/A Computer: SRV01 Description: ISA Server cannot locate a route to the ABC remote site. As a result, a connection cannot be established. To establish the IPSec site-to-site connection, you must update the routing table. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I do not yet have the errors (if there are any) from the IPCop side. When I try to ping from the ISA server, the replies first say timed out and from there on: Negotiating IP Security. Any suggestions? Thanks, ...D