I have to configure a support connection to a third party partner to access sap-servers on our site.
the partner has a Cisco 2803 VPN IOS Router. i could not find a information over this router on cisco's website.

we use Bordermanager 3.8 sp4 ir5

configured is a s2s connection to this router with third party traffic rule vor only one ipaddress on the partner site
and three ipaddresses on our site. if i ping the partner ipaddress the ike process starts and i see a created sa on my site (vpnmon).
the partner said he see it to.

But the tunnel was not established!

if the partner pings, i capture for packets and see some communication between the gateways on vpn protocols and
than three packets from cisco to bm38 with source port 4500 and destination 4500 and one packet from bm38 source port 500
dest port 4500 before a error message is shown.

anyone a idea / suggestion for this happen

Ingo Mittag