Also, here is my msr2003 Comware7 config that i have almost working getting
Can't find IKE SA.
#
ipsec transform-set vpn-win-client
encapsulation-mode transport
esp encryption-algorithm aes-cbc-128 aes-cbc-256
esp authentication-algorithm sha1 sha256 sha384
#
ipsec profile vpn-win-client isakmp
transform-set vpn-win-client
ike-profile vpn-win-client
#
ipsec policy vpn-win-client 1 isakmp
transform-set vpn-win-client
remote-address 192.168.0.50
ike-profile vpn-win-client
#
ike profile vpn-win-client
keychain vpn-win-client
local-identity address 192.168.0.252
match remote identity address 192.168.0.50 255.255.255.255
match local address 192.168.0.252
proposal 2
client-authentication xauth
#
ike proposal 2
encryption-algorithm 3des-cbc
dh group14
#
ike keychain vpn-win-client
pre-shared-key address 192.168.0.50 255.255.255.255 key cipher $c$3$ohiq9EBbw/v1JiT3A52zHQd7bp7pDs+kzLKLyjA=
Also here is debugging
Begin a new phase 1 negotiation as responder.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Responder created an SA for peer 192.168.0.50, local port 500, remote port 500.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Set IKE SA state to IKE_P1_STATE_INIT.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Security Association Payload.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:097 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Vendor ID Payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Process vendor ID payload.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/EVENT: Vendor ID NAT-T rfc3947 is matched.
*Mar 19 17:26:25:098 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Process SA payload.
*Mar 19 17:26:25:099 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Check ISAKMP transform 1.
*Mar 19 17:26:25:099 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Encryption algorithm is AES-CBC.
*Mar 19 17:26:25:099 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Key length is 256 bytes.
*Mar 19 17:26:25:099 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
HASH algorithm is HMAC-SHA1.
*Mar 19 17:26:25:100 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
DH group is ECP_384.
*Mar 19 17:26:25:100 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Unsupported DH group: 20.. Attribute GROUP_DESCRIPTION.
*Mar 19 17:26:25:100 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Check ISAKMP transform 2.
*Mar 19 17:26:25:100 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Encryption algorithm is AES-CBC.
*Mar 19 17:26:25:101 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Key length is 128 bytes.
*Mar 19 17:26:25:101 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
HASH algorithm is HMAC-SHA1.
*Mar 19 17:26:25:101 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
DH group is ECP_256.
*Mar 19 17:26:25:102 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Unsupported DH group: 19.. Attribute GROUP_DESCRIPTION.
*Mar 19 17:26:25:102 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Check ISAKMP transform 3.
*Mar 19 17:26:25:102 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Encryption algorithm is AES-CBC.
*Mar 19 17:26:25:102 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Key length is 256 bytes.
*Mar 19 17:26:25:103 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
HASH algorithm is HMAC-SHA1.
*Mar 19 17:26:25:103 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
DH group is 14.
*Mar 19 17:26:25:103 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Authentication method is Pre-shared key.
*Mar 19 17:26:25:104 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Lifetime type is 1.
*Mar 19 17:26:25:104 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Life duration is 28800.
*Mar 19 17:26:25:104 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Check ISAKMP transform 4.
*Mar 19 17:26:25:104 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Encryption algorithm is 3DES-CBC.
*Mar 19 17:26:25:105 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
HASH algorithm is HMAC-SHA1.
*Mar 19 17:26:25:105 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
DH group is 14.
*Mar 19 17:26:25:105 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Authentication method is Pre-shared key.
*Mar 19 17:26:25:106 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Lifetime type is 1.
*Mar 19 17:26:25:106 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Life duration is 28800.
*Mar 19 17:26:25:106 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Found pre-shared key that matches address 192.168.0.50 in keychain core.
*Mar 19 17:26:25:107 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Attributes is acceptable.
*Mar 19 17:26:25:107 2019 nkpa-r1 IKE/7/EVENT: Oakley transform 4 is acceptable.
*Mar 19 17:26:25:107 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Constructed SA payload
*Mar 19 17:26:25:107 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct NAT-T rfc3947 vendor ID payload.
*Mar 19 17:26:25:108 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct XAUTH Cisco Unity 1.0 vendor ID payload.
*Mar 19 17:26:25:108 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct XAUTH draft6 vendor ID payload.
*Mar 19 17:26:25:108 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
IKE SA state changed from IKE_P1_STATE_INIT to IKE_P1_STATE_SEND2.
*Mar 19 17:26:25:108 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending packet to 192.168.0.50 remote port 500, local port 500.
*Mar 19 17:26:25:109 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: SA
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 136
*Mar 19 17:26:25:109 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending an IPv4 packet.
*Mar 19 17:26:25:109 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sent data to socket successfully.
*Mar 19 17:26:25:114 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:25:115 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:25:115 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: KE
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 388
*Mar 19 17:26:25:115 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:25:115 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:25:116 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Key Exchange Payload.
*Mar 19 17:26:25:116 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Nonce Payload.
*Mar 19 17:26:25:116 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP NAT-D Payload.
*Mar 19 17:26:25:117 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP NAT-D Payload.
*Mar 19 17:26:25:117 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Process KE payload.
*Mar 19 17:26:25:117 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Process NONCE payload.
*Mar 19 17:26:25:117 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received 2 NAT-D payload.
*Mar 19 17:26:25:210 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct KE payload.
*Mar 19 17:26:25:211 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct NONCE payload.
*Mar 19 17:26:25:212 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct NAT-D payload.
*Mar 19 17:26:25:213 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct DPD vendor ID payload.
*Mar 19 17:26:25:344 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
IKE SA state changed from IKE_P1_STATE_SEND2 to IKE_P1_STATE_SEND4.
*Mar 19 17:26:25:345 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending packet to 192.168.0.50 remote port 500, local port 500.
*Mar 19 17:26:25:345 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: KE
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 376
*Mar 19 17:26:25:345 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending an IPv4 packet.
*Mar 19 17:26:25:346 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sent data to socket successfully.
*Mar 19 17:26:25:351 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:25:351 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:25:351 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:25:351 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:25:352 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:25:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Decrypt the packet.
*Mar 19 17:26:25:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received ISAKMP Identification Payload.
*Mar 19 17:26:25:353 2019 nkpa-r1 IKE/7/ERROR: 2th byte of the structure ISAKMP Identification Payload must be 0.
*Mar 19 17:26:25:353 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Failed to parse phase 1 packet. Reason INVALID_PAYLOAD_TYPE.
*Mar 19 17:26:25:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Encrypt the packet.
*Mar 19 17:26:25:354 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Construct notification packet: INVALID_PAYLOAD_TYPE.
*Mar 19 17:26:25:354 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending packet to 192.168.0.50 remote port 500, local port 500.
*Mar 19 17:26:25:354 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: 65bbaac7
length: 84
*Mar 19 17:26:25:355 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sending an IPv4 packet.
*Mar 19 17:26:25:355 2019 nkpa-r1 IKE/7/EVENT: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Sent data to socket successfully.
*Mar 19 17:26:25:355 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Failed to negotiate IKE SA.
*Mar 19 17:26:25:355 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Failed to negotiate IKE SA.
*Mar 19 17:26:26:351 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:26:351 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:26:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:26:352 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:26:352 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:26:352 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.
*Mar 19 17:26:27:352 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:27:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:27:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:27:352 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:27:353 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:27:353 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.
*Mar 19 17:26:30:352 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:30:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:30:352 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:30:353 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:30:353 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:30:353 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.
*Mar 19 17:26:37:352 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:37:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:37:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:37:353 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:37:353 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:37:353 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.
*Mar 19 17:26:52:353 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:26:52:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:26:52:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:26:52:353 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:26:52:353 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:26:52:354 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.
*Mar 19 17:27:07:353 2019 nkpa-r1 IKE/7/EVENT: Received packet successfully.
*Mar 19 17:27:07:353 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Received packet from 192.168.0.50 source port 500 destination port 500.
*Mar 19 17:27:07:354 2019 nkpa-r1 IKE/7/PACKET: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
I-Cookie: 06ab5a44a4db5ce7
R-Cookie: 3e534ad014fd43aa
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 68
*Mar 19 17:27:07:354 2019 nkpa-r1 IKE/7/EVENT: IKE thread 1995711776 processes a job.
*Mar 19 17:27:07:354 2019 nkpa-r1 IKE/7/EVENT: Phase1 process started.
*Mar 19 17:27:07:354 2019 nkpa-r1 IKE/7/ERROR: vrf = 0, src=192.168.0.252, dst = 192.168.0.50/500
Can't find IKE SA.