did you try to follow this steps?
this is description of Sidewinder 7.x
mr. F. Osgood make a great tutorial to do this configuration too for version 8
i hope this articles help your configuration
That's a cool blog post, thanks for that.
On the firewall's command-line you can run this to capture VPN audits:
$> acat -kbe "area vpn" > audit.raw
Test your VPN. Then you can open the audit file with this command:
$> acat audit.raw | less
On the ShrewSoft side it actually has a separate program called the 'Trace Utility'. This is the logging utility for ShrewSoft. You need to open it, then click File -> Options and switch the 'Log output level' from "none" to something else, like "debug". Then in the 'IKE Service' tab click the 'Open Log' button, make sure the 'Trace Log' button is pushed also, then click 'Start'. Do this under the 'IPSEC Service' tab also. You can click 'Restart' to clear the logs and restart the ShrewSoft services.
Now you have logs from both sides of the VPN connection. If, on the firewall side, you see an audit message like 'Message timed-out...retransmitting' you need to look on the ShrewSoft side because it has thrown an error itself and you need to find that error in the ShrewSoft Trace Utility.
thanks carbel... but we do not intend to use certificates. we would like to use pre shared key for authentication. i also tried a guide uploaded on this community by one of the members, which has step by step config for the firewall as well as the client but still have problems.
thanks sliedl as always. i did try the trace utility on the shrewsoft client and took a devug of the messages. what i see in the logs is it fails in the phase1 which i suppose is when the pre shared key exchange happens. after trying a couple of times, it just fails.