Setting up pfSense for 'Road Warriors' via IPSec
-
Hello Everyone,
What I want to do, for the time being, is get pfSense set up so that a few of my employees can connect from their residences. I have pored over this doc for quite a while: http://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To with no luck.
A quick overview of my network topology: T1 --> Cisco Router 2800 --> Internal Network
The box that has pfSense set up resides on the internal network with dual NICs. In the router I have added three entries for IPSec into the ACL for the public IP of the pfSense box.
Now if I try to connect from the local network to the pfSense box via Shrew the log for racoon looks like this:
racoon: [Unknown Gateway/Dynamic]: INFO: respond new phase 1 negotiation: 1.2.3.4[500]<=>192.168.1.44[500]
Aug 3 17:51:08 racoon: INFO: begin Aggressive mode.
Aug 3 17:51:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00
Aug 3 17:51:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01
Aug 3 17:51:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Aug 3 17:51:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
Aug 3 17:51:08 racoon: INFO: received Vendor ID: RFC 3947
Aug 3 17:51:08 racoon: INFO: received broken Microsoft ID: FRAGMENTATION
Aug 3 17:51:08 racoon: INFO: received Vendor ID: DPD
Aug 3 17:51:08 racoon: INFO: received Vendor ID: CISCO-UNITY
Aug 3 17:51:13 racoon: NOTIFY: the packet is retransmitted by 192.168.1.44[500] (1).
Aug 3 17:51:18 racoon: NOTIFY: the packet is retransmitted by 192.168.1.44[500] (1).
Aug 3 17:51:32 racoon: ERROR: phase1 negotiation failed due to time up. 12359c6a1d26d55e:de8038828d565cab
Where 1.2.3.4 is the public IP of the pfSense box. If I connect to a network outside the public network the logs look similar. Is there something obvious that I am missing or have I misconfigured something?
Thanks in advance!