exchange Identity Protection not allowed in any applicable rmconf

thejunki

I am receiving this error on my VPN connection.  I am kinda new to pfsense so if you ask for logs tell me how to find them.  I can tell you the setup I have matched between a sonicwall firewall and 2.0 pfsense as close as I possible can.  Here is my log if anyone has any ideas.

Jun 21 22:41:04 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
Jun 21 22:41:04 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
Jun 21 22:41:04 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[4500] used for NAT-T
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[4500] used as isakmp port (fd=17)
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[500] used for NAT-T
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[500] used as isakmp port (fd=18)
Jun 21 22:41:04 racoon: INFO: unsupported PF_KEY message REGISTER
Jun 21 22:41:22 racoon: [Work]: [aaa.aaa.aaa.aaa] ERROR: exchange Identity Protection not allowed in any applicable rmconf.
Jun 21 22:41:30 racoon: [Work]: aaa.aaa.aaa.aaa] ERROR: exchange Identity Protection not allowed in any applicable rmconf.

The last entry

ERROR: exchange Identity Protection not allowed in any applicable rmconf.

Will scroll forever if I leave it alone

I admin both sides of the VPN so if anyone has any ideas I would love to try.  I googled this error and got 4 results that didnt help so I posted here.

jimp

IIRC that's a mismatch in Main/Aggressive mode between the two ends.

thejunki

YAAA you fixed me!  Thanks a bunch!