I have two servers in test mode for S2S between 2 NW6.5.1 servers with
NBM 3.8.2. Followed Craig's boot twice and still it will not complete.
(Great Book Craig)

Site to site on private network for testing. Second server is behind
STATIC NAT in second tree. No additional services.

Slave Server NRM VPN Monitoring Log shows:

1. Failed to create IKE SA - No usage certificate available for
signature authentication cookies my-his :
EC4037B800DADADA-7A6A4D69BA070767 dst: src:

(The above shows up after reboot but never see it again.)

2. Proposal Mismatch - Quick Mode : ESP - transform mismatch mine : esp
des his : esp 3des dst: src: cookies my-his
:EC4037B800DADADA - 762C6365CCA8F09E

(Only see the above twice in the list but never shows up after initial

3. Read Slave S2S Policy From File Failed, Unable to open Configuration

(Mostly I see the above error message.)

Master Server NRM VPN Monitoring Log Shows:

1. VPN ACLCheck - No Match found in Trusted Master List.

(See this during initial boot only.)

2. Failed configuring VPN member TEMPREMSVR. Failed establishing
connection from master to member.

(Mostly I see the above and erors sending updates.)

I have deleted all of configuration files on the master sys:system\vpn
and told iManager to resync to get them to be re-created incase of

I have blown away the entire configuration on both servers, and extra
objects, and recreated from scratch. I have reviewed my certificates
and they look to be right.

Any help would be greatly appreciated. I have done a lot of work to get
this running but just can't get past this.