Than you for the prompt response Paul. After adding your suggestions to my configuration I am getting an ERROR: in my log.<br><br>My current server end config is this:<br><br>config setup<br>        nat_traversal=yes<br>        virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12" target="_blank">10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</a><br>

        nhelpers=0<div class="im"><br><br>conn road<br>    left=194.79.19.179             # Gateway&#39;s information<br>    leftid=@<a href="http://fits-server.rsm.fi/" target="_blank">fits-server.rsm.fi</a>     #<br></div>
    leftrsasigkey=0sAQOdTUwf......<div id=":14p" class="ii gt">..........<br>
    rightnexthop=%defaultroute<div class="im"><br>    right=%any                     # Wildcard: we don&#39;t know the laptop&#39;s IP<br></div>    rightsubnet=vhost:%priv,%no<div class="im"><br>    rightid=@<a href="http://rsm-1.rsm.fi/" target="_blank">rsm-1.rsm.fi</a>          #<br>
</div>
    rightrsasigkey=0sAQOA59S41zh9<div class="im"><br>    auto=add                       # authorizes but doesn&#39;t start this connection at startup<br><br></div>include /etc/ipsec.d/examples/no_oe.conf<br><br>My current client configuration is this:<br>

<br>config setup<br>        nat_traversal=yes<br>        virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12" target="_blank">10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</a><br>        nhelpers=0<div class="im">
<br><br>
conn road<br>    left=%defaultroute             # Picks up our dynamic IP<br></div>    leftnexthop=%defaultroute<div class="im"><br>    leftid=@<a href="http://rsm-1.rsm.fi/" target="_blank">rsm-1.rsm.fi</a>           # Local information<br>
</div>    leftrsasigkey=0sAQOA59..............<div class="im"><br>
    right=194.79.19.179            # Remote information<br>    rightid=@<a href="http://fits-server.rsm.fi/" target="_blank">fits-server.rsm.fi</a>    #<br></div>    rightrsasigkey=0sAQOdTU.......<div class="im"><br>    auto=add                       # authorizes but doesn&#39;t start this<br>

<br></div>include /etc/ipsec.d/examples/no_oe.conf<br><br><br>The ERROR in the server end logs goes like : <br><br>...&quot;road&quot;[1]
62.237.208.66 #4: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5
group=modp1536}<br>
...&quot;road&quot;[1] 62.237.208.66 #5: ERROR: netlink_get_spi for <a href="http://esp%2E0@194.79.19.179/4096/4294967295" target="_blank">esp.0@194.79.19.179/4096/4294967295</a> failed with errno 22: Invalid argument<br>
...&quot;road&quot;[1] 62.237.208.66 #5: responding to Quick Mode {msgid:e47722c0}<br>
...&quot;road&quot;[1] 62.237.208.66 #5: ERROR: netlink response for Add SA <a href="mailto:esp.0@194.79.19.179" target="_blank">esp.0@194.79.19.179</a> included errno 22: Invalid argument<br>...&quot;road&quot;[1]
62.237.208.66 #4: Quick Mode I1 message is unacceptable because it uses
a previously used Message ID 0xe47722c0 (perhaps this is a duplicated
packet)<br>
<br>I have the same Debian Lenny at both ends. The server is 64 bit the client 32bit.<br><br>Regards,<br><br>Michael.<br><br></div>