I am trying to setup a new SITE to SITE VPN connection.

Yesterday, SBC installed SBC Yahoo DSL. I told the installer that I
did
not want DHCP, filters, or NAT, so he suggested I used a bridge and
not a
router for the service. He installed an Efficient Networks
SpeedStream
5360.

Internet service is working and the BM 3.7 proxy server is working for

HTTP.

My problem:

When trying to establish a connection for the Site to Site, the Slave

server reports:

Audit Log:

(SKIP) Construction of SA failed for peer 68.xx.xx.xx

Info:

IP Security Error 284

IPSEC failed to set up a Security Association with the indicated
connection causing packets to be dropped.

Check for possible our of memory conditions.


Here's what I tried so far:

1. Reviewed Master server's Audit log. No indication of making a
connection to Slave server.

2. Reviewed Slave server's Audit log. VPSLAVE was started. License
was
obtained. Then the SA errors keep occuring over and over.

3. Verified both servers were running the same version of TCPIP.NLM.

Both are 6.15.16 128bit.

4. Verified that the actual server time (Master and Slave) are within
one
minute (just a few seconds).

5. I called SBC DSL support. They had no clue what I was talking
about
when I stated that I needed to verify that SKIP (protocol 57) and
UDP/TCP
353 ports were not being filterd. So, SKIP may be getting blocked,
but I
can't seem to verify it.

How can I test to see if SKIP is blocked ?

Also, any ideas on correcting my problem.

I do know that at the MASTER site, I am able to make a Client to Site
VPN
connection and have been able to for a long time, so I tend to think
the
problem is at the SLAVE end.